Learn what cyber security means for your law firm, your employees, and your bottom line. This presentation will provide a snapshot of the IT Security threats facing law firms today, as well as the knowledge and tools you can use to prevent them.
2015 Cybercrime Trends – Things are Going to Get InterestingIBM Security
What a year 2014 has been for cybercriminals! It’s time to take a look back at 2014 and learn what’s in store for 2015. How much further will cybercriminals go? What new techniques will we see? What are the main threats we should be wary of in 2015?
From new malware families to PC grade mobile malware, from persistent PC Trojans to cloud based criminal services –cybercriminals have been keeping busy with new and advanced techniques.
In this session, IBM Security’s Senior Fraud Prevention Strategist, Etay Maor, will take you through the top stories that made waves in in 2014’s cybercrime threat environment and review at the upcoming cybercrime trends for 2015.
We will look some of the biggest (and baddest) in cybercrime innovation, showcasing specific attacks that highlight the ingenuity observed in 2014 and discuss what we can expect in terms of PC and mobile fraud in 2015.
In this presentation, you will learn about:
– Latest malware attacks and evasion techniques
– How organizations failed to prevent attacks in 2014
– Forecast of how recent attacks will affect attacks in 2015
View the full on-demand webcast: https://attendee.gotowebinar.com/recording/4171628843485100290
Making Sense of Web Attacks: From Alerts to NarrativesImperva
Co-Founder & CTO of Imperva, Amichai Shulman, discusses how recognizing the security narrative in your web-application is a big challenge. On the one hand security products are getting more sensitive and are detecting even minor anomalies in incoming web traffic, while on the other hand attacks are becoming more automated and traffic intensive. As a result, security operators find themselves sifting through hundreds of thousands of individual alert messages per day, striving to know what the “#@$%” is going on. These slides present our innovative system that groups individual alerts from a web application firewall into attack narratives. They also present real-world cases and show results.
2015 Cybercrime Trends – Things are Going to Get InterestingIBM Security
What a year 2014 has been for cybercriminals! It’s time to take a look back at 2014 and learn what’s in store for 2015. How much further will cybercriminals go? What new techniques will we see? What are the main threats we should be wary of in 2015?
From new malware families to PC grade mobile malware, from persistent PC Trojans to cloud based criminal services –cybercriminals have been keeping busy with new and advanced techniques.
In this session, IBM Security’s Senior Fraud Prevention Strategist, Etay Maor, will take you through the top stories that made waves in in 2014’s cybercrime threat environment and review at the upcoming cybercrime trends for 2015.
We will look some of the biggest (and baddest) in cybercrime innovation, showcasing specific attacks that highlight the ingenuity observed in 2014 and discuss what we can expect in terms of PC and mobile fraud in 2015.
In this presentation, you will learn about:
– Latest malware attacks and evasion techniques
– How organizations failed to prevent attacks in 2014
– Forecast of how recent attacks will affect attacks in 2015
View the full on-demand webcast: https://attendee.gotowebinar.com/recording/4171628843485100290
Making Sense of Web Attacks: From Alerts to NarrativesImperva
Co-Founder & CTO of Imperva, Amichai Shulman, discusses how recognizing the security narrative in your web-application is a big challenge. On the one hand security products are getting more sensitive and are detecting even minor anomalies in incoming web traffic, while on the other hand attacks are becoming more automated and traffic intensive. As a result, security operators find themselves sifting through hundreds of thousands of individual alert messages per day, striving to know what the “#@$%” is going on. These slides present our innovative system that groups individual alerts from a web application firewall into attack narratives. They also present real-world cases and show results.
Join CTO and Nonprofit Cybersecurity expert Matthew Eshleman as he walks through the third annual Community IT Nonprofit Cybersecurity Incident Report.
This report looks at the different types of attacks that occur at small and mid-sized nonprofit organizations. Is your nonprofit prepared?
Matt also shares advice on security improvements that provide protection against the most common attacks. Learn the role of leadership in placing a value on cybersecurity preparedness for your nonprofit and the long term planning that should accompany your immediate assessment of your security risk.
Matt touches on vendor hacks from 2020 including Blackbaud and SolarWinds and discusses steps your nonprofit should take to understand your risk level.
Learn about real cyberattacks on nonprofit organizations and how they responded to these attempted hacks. Matt gives you the tools you need to protect your organization and staff from cybercrimes.
Many of these tips you can put in place quickly and train your staff on immediately.
Download the full report or view here: https://communityit.com/2021-nonprofit-cybersecurity-incident-download/
This lecture includes introduction to computers security and privacy. This lecture include basic concepts of terminologies and technologies involve in current securities and privacy needs.
Being aware of online and malware threats is the first step to computer security. In this presentation, we help you understand:
a. Importance of computer security
b. Consequences of ignoring computer security
c. Types of threats that can harm your computer
d. Measures to take to keep your computer safe
e. How can Quick Heal help
Personal Digital Hygiene is a concept developed by Lars Hilse. It focusses on reducing the risk of high value individuals, and their exposure and footprint on the digital world, making them less susceptible to kidnapping+ransom, and other (cyber) crimes
Cyber-Espionage: Understanding the Advanced Threat LandscapeAaron White
Cutting through the APT hype to help businesses prevent, detect and mitigate advanced threats.
Sophisticated cyber-espionage operations aimed at pilfering
trade secrets and other sensitive data from corporate networks currently present the biggest threat to businesses. Advanced threat actors ranging from nation-state adversaries to organized cyber-crime gangs are using zero-day exploits, customized malware toolkits and clever social engineering tricks to break into corporate networks, avoid detection,
and steal valuable information over an extended period
of time.
In this presentation, we will cut through some of the hype
surrounding Advanced Persistent Threats (APTs), explain the
intricacies of these attacks and present recommendations to
help you improve your security posture through prevention,
detection and mitigation.
Covid 19, How A Pandemic Situation Shapes Cyber ThreatsArun Kannoth
An humble attempt to discover how Covid-19 and such evolving events shape global cyber security landscape and organizations' security posture in the future. Lately I had an opportunity to present this to the CEO of a Silicon Valley based Cyber Security leader (I'm glad that he invited me for a beer soon after my presentation).
Incident handling of intrusions related to cyber espionage operations is a complex and challenging task. As a national CERT with a unique national early warning detection system, NSM NorCERT has detected and responded to incidents that vary from traditional incident response and abuse handling to counter-intelligence operations. Based on some real-world examples, this talk will be about incident handling of cyber espionage intrusions. What are the most common pitfalls and how can companies be better prepared?
Cyber Security Awareness Session for Executives and Non-IT professionalsKrishna Srikanth Manda
Cyber Security Awareness Session conducted by Lightracers Consulting, for Management and non-IT employees. In this learning presentation, we will look at - What is Cyber Crime, Types of Cyber crime, What is Cyber Security, Types of Threats, Social Engineering techniques, Identifying legitimate and secure websites, Protection measures, Cyber Law in India followed by a small quiz.
For organizations today, cyber security stands as a top priority to keep their information and systems safe from theft, damages, or disruptions. Within the financial industry, cyber security is especially important as it relates to including best practices and procedures that can can help prevent hackers from achieving success. Organizations’ defensive strategies are what will best help them win the game. This presentation reviews how the enemy works, ways to defend your organization from an attack, what hackers are capable of, and more.
IT Security and Wire Fraud Awareness Slide DeckDon Gulling
A presentation on IT security, wire fraud and trends in information technology. The information is focused on making the audience aware of the new threats, how to protect against them, and what measures you can take to keep your critical information secure.
IMPACT OF REMOTE WORK:NEW THREATS AND SOLUTIONSPreetiDevidas
Triggered by the corona virus lock down, the abrupt transition to a work from home ( W F H) venue forced organizations to scramble to support a larger remote workforce. Such a quick shift means that certain security measures and requirements inevitably fell by the wayside. At the same time, cybercriminals found a new opportunity for attack with remote workers and improperly secured connections and technologies. Together, these trends have created a more vulnerable environment affecting the cyber security defenses of many organizations.
Join CTO and Nonprofit Cybersecurity expert Matthew Eshleman as he walks through the third annual Community IT Nonprofit Cybersecurity Incident Report.
This report looks at the different types of attacks that occur at small and mid-sized nonprofit organizations. Is your nonprofit prepared?
Matt also shares advice on security improvements that provide protection against the most common attacks. Learn the role of leadership in placing a value on cybersecurity preparedness for your nonprofit and the long term planning that should accompany your immediate assessment of your security risk.
Matt touches on vendor hacks from 2020 including Blackbaud and SolarWinds and discusses steps your nonprofit should take to understand your risk level.
Learn about real cyberattacks on nonprofit organizations and how they responded to these attempted hacks. Matt gives you the tools you need to protect your organization and staff from cybercrimes.
Many of these tips you can put in place quickly and train your staff on immediately.
Download the full report or view here: https://communityit.com/2021-nonprofit-cybersecurity-incident-download/
This lecture includes introduction to computers security and privacy. This lecture include basic concepts of terminologies and technologies involve in current securities and privacy needs.
Being aware of online and malware threats is the first step to computer security. In this presentation, we help you understand:
a. Importance of computer security
b. Consequences of ignoring computer security
c. Types of threats that can harm your computer
d. Measures to take to keep your computer safe
e. How can Quick Heal help
Personal Digital Hygiene is a concept developed by Lars Hilse. It focusses on reducing the risk of high value individuals, and their exposure and footprint on the digital world, making them less susceptible to kidnapping+ransom, and other (cyber) crimes
Cyber-Espionage: Understanding the Advanced Threat LandscapeAaron White
Cutting through the APT hype to help businesses prevent, detect and mitigate advanced threats.
Sophisticated cyber-espionage operations aimed at pilfering
trade secrets and other sensitive data from corporate networks currently present the biggest threat to businesses. Advanced threat actors ranging from nation-state adversaries to organized cyber-crime gangs are using zero-day exploits, customized malware toolkits and clever social engineering tricks to break into corporate networks, avoid detection,
and steal valuable information over an extended period
of time.
In this presentation, we will cut through some of the hype
surrounding Advanced Persistent Threats (APTs), explain the
intricacies of these attacks and present recommendations to
help you improve your security posture through prevention,
detection and mitigation.
Covid 19, How A Pandemic Situation Shapes Cyber ThreatsArun Kannoth
An humble attempt to discover how Covid-19 and such evolving events shape global cyber security landscape and organizations' security posture in the future. Lately I had an opportunity to present this to the CEO of a Silicon Valley based Cyber Security leader (I'm glad that he invited me for a beer soon after my presentation).
Incident handling of intrusions related to cyber espionage operations is a complex and challenging task. As a national CERT with a unique national early warning detection system, NSM NorCERT has detected and responded to incidents that vary from traditional incident response and abuse handling to counter-intelligence operations. Based on some real-world examples, this talk will be about incident handling of cyber espionage intrusions. What are the most common pitfalls and how can companies be better prepared?
Cyber Security Awareness Session for Executives and Non-IT professionalsKrishna Srikanth Manda
Cyber Security Awareness Session conducted by Lightracers Consulting, for Management and non-IT employees. In this learning presentation, we will look at - What is Cyber Crime, Types of Cyber crime, What is Cyber Security, Types of Threats, Social Engineering techniques, Identifying legitimate and secure websites, Protection measures, Cyber Law in India followed by a small quiz.
For organizations today, cyber security stands as a top priority to keep their information and systems safe from theft, damages, or disruptions. Within the financial industry, cyber security is especially important as it relates to including best practices and procedures that can can help prevent hackers from achieving success. Organizations’ defensive strategies are what will best help them win the game. This presentation reviews how the enemy works, ways to defend your organization from an attack, what hackers are capable of, and more.
IT Security and Wire Fraud Awareness Slide DeckDon Gulling
A presentation on IT security, wire fraud and trends in information technology. The information is focused on making the audience aware of the new threats, how to protect against them, and what measures you can take to keep your critical information secure.
IMPACT OF REMOTE WORK:NEW THREATS AND SOLUTIONSPreetiDevidas
Triggered by the corona virus lock down, the abrupt transition to a work from home ( W F H) venue forced organizations to scramble to support a larger remote workforce. Such a quick shift means that certain security measures and requirements inevitably fell by the wayside. At the same time, cybercriminals found a new opportunity for attack with remote workers and improperly secured connections and technologies. Together, these trends have created a more vulnerable environment affecting the cyber security defenses of many organizations.
Cyberattacks are malicious actions taken by individuals, groups, or organizations against computer systems, networks, and digital devices with the intent to damage, steal or manipulate data, or disrupt normal operations. These attacks can target anyone, from individuals to governments and large corporations, and can cause severe damage to both personal and professional lives.
How US Cybersecurity Executive Order Impacts IBM i Customers Precisely
Increasing threats from ransomware and geo-political threats of cyber warfare mean these are challenging times for those responsible for IT security. Earlier this year, US President Joe Biden signed into law the Cyber Incident Reporting for Critical Infrastructure Act. In addition, the White House recommended companies execute multiple strategies to protect critical services and systems in a statement titled “Act Now to Protect Against Potential Cyberattacks." Many of these recommendations are particularly relevant to the IBM i community. There are specific recommendations in security tools, response strategies, and preventive measures all IBM i companies should be implementing.
Watch this on-demand webinar to learn about:
• Specific recommendations from the US government
• Applying these recommendations to your IBM i environment
• How Precisely can help
Wfh security risks - Ed Adams, President, Security InnovationPriyanka Aash
Our security practices need to evolve in order to address the new challenges propped up by the rapid adoption of technologies and products to enable the world to WFH. The mantra of the attacker remains consistent -- attack that which yields maximum result -- and that is usually something used by a very very large number of users. This webinar will discuss the Top 10 Security Gaps that CISOs should be aware of as they brace for long WFH periods.
What will you learn :
-New Attack techniques hackers are using targeting WFH
-How to handle decentralisation of IT and technology decisions?
-Application risks as enterprises pivot to online/new business model(s)
-New risks in the Cloud and due to Shadow IT
-Security risks due to uninformed employees & their home infrastructure
-How to handle Misconfigurations & Third party risks
-How to build a robust breach response and recovery program?
Full video - https://youtu.be/bQLfnmhDnQs
Similar to Law Firm Cybersecurity: Practical Tips for Protecting Your Data (20)
Elevating Tactical DDD Patterns Through Object CalisthenicsDorra BARTAGUIZ
After immersing yourself in the blue book and its red counterpart, attending DDD-focused conferences, and applying tactical patterns, you're left with a crucial question: How do I ensure my design is effective? Tactical patterns within Domain-Driven Design (DDD) serve as guiding principles for creating clear and manageable domain models. However, achieving success with these patterns requires additional guidance. Interestingly, we've observed that a set of constraints initially designed for training purposes remarkably aligns with effective pattern implementation, offering a more ‘mechanical’ approach. Let's explore together how Object Calisthenics can elevate the design of your tactical DDD patterns, offering concrete help for those venturing into DDD for the first time!
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Albert Hoitingh
In this session I delve into the encryption technology used in Microsoft 365 and Microsoft Purview. Including the concepts of Customer Key and Double Key Encryption.
UiPath Test Automation using UiPath Test Suite series, part 3DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 3. In this session, we will cover desktop automation along with UI automation.
Topics covered:
UI automation Introduction,
UI automation Sample
Desktop automation flow
Pradeep Chinnala, Senior Consultant Automation Developer @WonderBotz and UiPath MVP
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered QualityInflectra
In this insightful webinar, Inflectra explores how artificial intelligence (AI) is transforming software development and testing. Discover how AI-powered tools are revolutionizing every stage of the software development lifecycle (SDLC), from design and prototyping to testing, deployment, and monitoring.
Learn about:
• The Future of Testing: How AI is shifting testing towards verification, analysis, and higher-level skills, while reducing repetitive tasks.
• Test Automation: How AI-powered test case generation, optimization, and self-healing tests are making testing more efficient and effective.
• Visual Testing: Explore the emerging capabilities of AI in visual testing and how it's set to revolutionize UI verification.
• Inflectra's AI Solutions: See demonstrations of Inflectra's cutting-edge AI tools like the ChatGPT plugin and Azure Open AI platform, designed to streamline your testing process.
Whether you're a developer, tester, or QA professional, this webinar will give you valuable insights into how AI is shaping the future of software delivery.
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Jeffrey Haguewood
Sidekick Solutions uses Bonterra Impact Management (fka Social Solutions Apricot) and automation solutions to integrate data for business workflows.
We believe integration and automation are essential to user experience and the promise of efficient work through technology. Automation is the critical ingredient to realizing that full vision. We develop integration products and services for Bonterra Case Management software to support the deployment of automations for a variety of use cases.
This video focuses on the notifications, alerts, and approval requests using Slack for Bonterra Impact Management. The solutions covered in this webinar can also be deployed for Microsoft Teams.
Interested in deploying notification automations for Bonterra Impact Management? Contact us at sales@sidekicksolutionsllc.com to discuss next steps.
Key Trends Shaping the Future of Infrastructure.pdfCheryl Hung
Keynote at DIGIT West Expo, Glasgow on 29 May 2024.
Cheryl Hung, ochery.com
Sr Director, Infrastructure Ecosystem, Arm.
The key trends across hardware, cloud and open-source; exploring how these areas are likely to mature and develop over the short and long-term, and then considering how organisations can position themselves to adapt and thrive.
Essentials of Automations: Optimizing FME Workflows with ParametersSafe Software
Are you looking to streamline your workflows and boost your projects’ efficiency? Do you find yourself searching for ways to add flexibility and control over your FME workflows? If so, you’re in the right place.
Join us for an insightful dive into the world of FME parameters, a critical element in optimizing workflow efficiency. This webinar marks the beginning of our three-part “Essentials of Automation” series. This first webinar is designed to equip you with the knowledge and skills to utilize parameters effectively: enhancing the flexibility, maintainability, and user control of your FME projects.
Here’s what you’ll gain:
- Essentials of FME Parameters: Understand the pivotal role of parameters, including Reader/Writer, Transformer, User, and FME Flow categories. Discover how they are the key to unlocking automation and optimization within your workflows.
- Practical Applications in FME Form: Delve into key user parameter types including choice, connections, and file URLs. Allow users to control how a workflow runs, making your workflows more reusable. Learn to import values and deliver the best user experience for your workflows while enhancing accuracy.
- Optimization Strategies in FME Flow: Explore the creation and strategic deployment of parameters in FME Flow, including the use of deployment and geometry parameters, to maximize workflow efficiency.
- Pro Tips for Success: Gain insights on parameterizing connections and leveraging new features like Conditional Visibility for clarity and simplicity.
We’ll wrap up with a glimpse into future webinars, followed by a Q&A session to address your specific questions surrounding this topic.
Don’t miss this opportunity to elevate your FME expertise and drive your projects to new heights of efficiency.
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Tobias Schneck
As AI technology is pushing into IT I was wondering myself, as an “infrastructure container kubernetes guy”, how get this fancy AI technology get managed from an infrastructure operational view? Is it possible to apply our lovely cloud native principals as well? What benefit’s both technologies could bring to each other?
Let me take this questions and provide you a short journey through existing deployment models and use cases for AI software. On practical examples, we discuss what cloud/on-premise strategy we may need for applying it to our own infrastructure to get it to work from an enterprise perspective. I want to give an overview about infrastructure requirements and technologies, what could be beneficial or limiting your AI use cases in an enterprise environment. An interactive Demo will give you some insides, what approaches I got already working for real.
Epistemic Interaction - tuning interfaces to provide information for AI supportAlan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...DanBrown980551
Do you want to learn how to model and simulate an electrical network from scratch in under an hour?
Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)!
During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook.
PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides:
- A fully editable and extendable library for grid component modelling;
- Visualization tools to display your network;
- Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses;
The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well.
What you will learn during the webinar:
- For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills;
- For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.
2. In February, 2013, the FBI gave a keynote presentation on law firm
security threats at LegalTech New York. In an article from Law
Technology News, the special agent in charge of the FBI’s cyber
operations in New York City is quoted as stating:
“We have hundreds of law firms that we see increasingly
being targeted by hackers. …We all understand that the
cyber threat is our next great challenge. Cyber intrusions are
all over the place, they’re dangerous, and they’re much more
sophisticated” than they were just a few years ago.”
4. REASONS LAW FIRMS
REPRESENT A CYBER TARGET:
• Many firms regularly maintain a tremendous amount of highly
confidential information and information is the currency that cyber
criminals trade in.
• You may not be the primary target. Many attacks are of the
command and control variety where the objective is to use your
environment as a beachhead for a secondary attack.
• Cyber criminals may be targeting YOUR CLIENT or ANOTHER FIRM
and realize that you represent the means to get passed their
existing infrastructure.
• As an industry, we make for a very easy target.
5. The measures in place for many firms are very far behind those in
other industries.
But its not just about spending money. The Goldman Sachs data
breach resulted in the discloser of 70+ million users accounts and
over 7 million business accounts. Goldman Sachs spend over $250
million dollars A YEAR in cyber defense.
It’s about the focus security gets all the way down to the end users.
End users are the single weakest point in any network.
7. • For two straight years, more than two thirds of Cyber Espionage
has featured Phishing as its primary means of attack
• According to the Verizon 2015 DBIR, in 2014, users opened
approximately 23% of inbound Phishing messages and 11%
clicked on attachments.
• Historically, Phishing has been the means to target individuals and
not businesses. This however is also changing dramatically.
• Enter “The Dyre Wolf”. This is a new campaign that utilizes the
now popular Dyre, or Dyreza, malware directly targeting corporate
banking accounts
• This phishing and malware campaign leverages spear phishing,
malware (initial infection via Upatre), social engineering, complex
process injections, the Deep Web and even Distributed Denial of
Service (DDoS) sprees to complete an attack Dyre wolf is a perfect
example of how most defenses are still only as safe is the weakest
employee.
PHISHING / SOCIAL
ENGINEERING ATTACKS
8. THE DYRE WOLF ATTACK
• Not your typical malware campaign
• Each attack cost companies $500,000 -
$1.5 million
• Uses targeted spear phishing emails,
malware and social engineering
16. Dyre wolf is a perfect example of how most
defenses are still only as safe is the weakest
employee.
Defending against Phishing attacks are largely
centered on knowledge and training of the
weakest link in your system – end users.
17. ACCIDENTS (AGAIN…USERS)
• Accidental disclosure of confidential information is a substantial
reason for a data breaches with over 60% being initiated by system
administrators.
Read “Biggest Cyber Security Threat to Law Firms is Not What You Think”
• Types of accidents often break down into 3 primary categories:
1) “D’oh!”: ever sent an email to a client and about .0009 seconds after
hitting the send button, you realize you’ve sent information to the wrong
recipient? DBIR reports this as being the single largest exposure point
for data
2) “My Bad!”: According to the same DBIR reports, about 17% of the
breach / disclosures are the result of users publishing nonpublic data to
public servers. Sensitive client data does not belong on the Google!
3) “Oops!”: The last bucket of end user snafu’s is the insecure disposal of
personal and medical data.
18. VULNERABILITIES…
(WE DON’T NEED NO STINKIN’ PATCHES)
• CVE’s, or common vulnerabilities and exposures, is a worldwide
list of known system vulnerabilities that is published to any and all
who want to use it.
• Most companies performing vulnerability scans are leveraging this
list to test a network for known weaknesses. Software and OS
updates are leveraging this list to build fixes to vulnerabilities as
fast as they are identified.
• Which brings up an interesting point – the vast majority of
breaches in 2014 were initiated through known CVE’s that were at
least a year old. AT LEAST A YEAR OLD!
• 97% of the known exploits were created with 10 CVE’s – ONLY 10!
• But before you ask – the remaining exploits were created with 7
MILLION CVE’s. So you cannot simply look for the top 10 and call
it a day.
19. THE LONG-CON
• Ransomware has traditionally acted as a zero day attack;
however, those same criminals are finding that a long, slow
attack can yield even higher returns.
• The next phase of ransom are will likely sit in an
environment for months before initiating action
• Possible scenarios now include server side attacks that can
encrypt data moving to and from the server until the
criminal feels they have sufficient amounts of data
encrypted
• They simply hold your and your data hostage in return for
payment
• No payment means they remove the encryption key and
none of your systems will work until you do
20. THE INTERNET OF THINGS & BYOD
(IT’S ONLY GOING TO GET MORE DIFFICULT…)
• Dramatic increase in the number of internet connected
devices that could lead to accidently exposure of
confidential information.
• Target proved this in spades
• As you look at your environment from a security perspective,
have you considered everything?
• Traditional unmonitored vectors include fax machines and
printers but, have you checked that new TV in the
conference room?
• What about that new iWatch?
22. • First things first - the firm, its partners and directors, all must
agree that security is a priority.
– First it needs to be a priority from the top down if the end users
are to adjust their daily behavior to marry to security policies of
the firm.
– The senior most people in any organization are typically the
least likely to be willing to adjust their behavior!
• Any investments needed to properly build and maintain a security
plan will require the people at the top to spend out of their own
pocket.
• Must be a permanent part of the business plan
GETTING IN FRONT OF THE
PROBLEM
23. STEP 1: PUT SOMEONE IN
CHARGE OF CYBERSECURITY
• Many organizations set a course for failure almost from the start
by not establishing responsibility for one person or a team of
people to manage this process.
• Must also be responsible for moving the firm from compliance to
security. These two are not the same thing.
• Even an ISO27001 certified firm may not be secure – they simply
have the policies and procedures in place for an effective security
program
24. STEP 2: HAVE SOMETHING
FOR THEM TO ENFORCE
• Every firm should employ some form of a written security plan
• There are 4 core controls within to a proper plan – Physical, Policy,
Detective and Corrective
• Key elements for a law firm security plan include:
– Identification - Identify the data your firm maintains, establish its
location and identify which information is most sensitive and in need of
monitoring.
– Encryption - Whether at rest or in transit, data should always be
encrypted.
– Remote Access / Authentication - What information will you allow access
to from outside the building?
– Password Policies - Will you be willing and able to implement a complex
password policy that changes every 90 days?
– Social Media Policy - Use at work? Can you use the same log in for
Facebook as you can for your company PC?
25. STEP 2: HAVE SOMETHING FOR
THEM TO ENFORCE (CONT.)
• Key elements for a law firm security plan (con’t)
– Physical Security - Are you planning to restrict building access? Can
you track when people come and go? Are there cameras to track
access to critical information?
– Vendor Security - No one likes to do it but auditing your 3rd party
vendors can be a critical piece to your security plan.
– Breach Response Planning - Each plan should contain critical pieces
such as client notification plans, plan for notifying authorities,
documentation plans, and overall decision-making ability.
26. STEP 3: CREATE & MAINTAIN A PROPER
DEFENSE / MONITORING ENVIRONMENT
• Firewall with IDS or IPS - A firewall with intrusion detection (IDS) or intrusion
prevention (IPS) is recommended for maximum protection against malicious traffic.
• Spam Filter – The majority of viruses that get into networks are from email phishing
attempts.
• Patching - The greatest source of vulnerability comes from using software and
application that are not properly patched (i.e. they lack the latest updates).
• Mobile Device Management – Allows you to manage, secure and monitor your firm’s
mobile devices in real time.
• Encryption – Any device that can store sensitive information (i.e. phones, laptops,
tablets) and is built to leave the building should be encrypted.
• White Listing Systems – For advanced defensive environments. This system keeps
anything that you do not designate from being installed anywhere on your network.
• Logging Systems - Understanding where your data resides AND being able to
establish patterns of users traffic can go a long way to knowing
when something has gone wrong and you’ve been breached.
Read: 5 Basic
Cybersecurity Controls
Every Firm MUST Have
in Place
27. STEP 4: FORM A MILITIA
• Create a security policy and turn your employees into your cyber
militia
• Employees represent one of your greatest defense opportunities,
but they need to understand the importance of protecting your
confidential data and the rules for keeping it safe.
• Training - Over 23% of people open phishing messages and 11%
click on attachments
• Enforcement - It’s up to management to ensure that the policies
and procedures are being followed
– Look to test users with false phishing emails to see who opens them
– Focus training on the types of campaigns that were most successful in
your company
28. STEP 5: CONTINUAL MONITORING
AND IMPROVEMENT
• Continual assessment and validation is necessary to verify the
effectiveness of your security efforts.
– Many attacks happen from exploiting weaknesses in browsers, web
applications, malicious websites, and other applications.
– Vulnerability Scanning is the most a cost-effective way to protect your
environment from unpatched exploits, new threats and hackers.
• Penetration Testing - A penetration test provides a point-in-time
snapshot of security gaps and should be done regularly to
determine system vulnerabilities.
• Security Assessment - Have a qualified third party review your
network and identify potential business implications of security
threats and how they can be remediated to improve compliance
and longevity.
29. ADDITIONAL RESOURCES
• 5 Basic Cybersecurity Controls Every Firm MUST Have in Place
• My firm has been hacked, what do I do?
• Which type of hackers represent the biggest threat to law firms?
• Law Firm Cyber Security Threat Matrix [eBook]
• Should Firms Restrict Access to Personal Email?
• Law Firm Cyber Security: Protecting Your Client’s Data
• What your Law Firm Needs to Know About IT Risk and Security
Audits
For further reading, visit our blog Legal Loudspeaker.
30. Discover how Accellis can help you
stay in front of cybersecurity threats.
Whether it’s a security assessment, penetration test, or
compliance evaluation – our team of certified security
experts can ensure you’re on the right track.
SCHEDULE A FREE
CONSULTATION
Schedule a Consultation
