CYBERSECURITY: WHY CONTEXT IS YOUR CROWN JEWELS
GET TO KNOW THE SHARKS
BY DR PETRA VUKMIROVIC CEH
MAP CAMP BY @SWARDLEY
WHO AM I?
• An Emergency Medicine Doctor
– COVID Frontline Doctor March 2020
• Cyber Security Engineer at Glasswall
• Wait – what??
• How?
• With a little help from my friends – Wardley Maps
• And a lot of hard work and determination
THE ROAD TO SUCCESS
DISSERTATION – MACHINE LEARNING APPLICATION IN CYBER SECURITY
SELF LEARNING
UDEMY
IMMERSIVE LABS
HOME VM LAB
PYTHON
• Ladies of London Hacking Society Meetups
Petra
SKILLS LEARNED / IN PROGRESS
OWASP TOP 10
CIA TRIAD
RISK MANAGEMENT
KALI LINUX
VULNERABILITY SCANNING (NESSUS)
WIRESHARK
NETWORK SCANNING (NMAP)
METASPLOIT
SQLmap
PYTHON
FTK
AUTOPSY
March 2020
WHY DO I NEED TO KNOW THE CONTEXT?
• Know the waters that you are swimming in!
• Are you swimming with sharks or dolphins?
• It's also worth knowing the position of land on the horizon to swim towards
• Then you can figure out what you NEED to get there!
WHY CONTEXT?
• Context awareness is embedded in many professions and trained extensively with simulations (aviation and medicine – CPR)
• It's even easier to do simulations in cyber security, and Wardley Maps are just that - a theoretical simulation of the context and climate your business is in
MY MAP
• Vulnerable or not vulnerable – the eternal question!
• The strategy that we apply to vulnerability management depends on the context of the vulnerable software!
• Can we apply a reverse Wardley Map methodology?
• Think like an attacker!
• Figure out their needs
• And make sure they stay unfulfilled!
[Wardley map figure. User: Black Hat Hacker (a smart and skilled one!). Components: Vulnerable Software, 0-day Exploit, Internet Access, Open Ports & Publicly facing IPs, Hacking Framework, Known Exploits.]
THANK YOU FOR YOUR ATTENTION
QUESTIONS / DISCUSSION TIME

Map Camp 2020


Editor's Notes

  • #8 Knowing the context enhances situational awareness. The picture presents a major trauma team dealing with a patient. Individually they are all doing the right thing, but there is something very wrong with this picture: in the context of a major trauma assessment there needs to be a trauma team lead at the end of the patient's bed, directing the team while, most importantly, not being hands-on, to maintain situational awareness. It is similar in business, IT and cyber security: we focus on individual challenges, bugs or vulnerabilities without being aware of the context they present in.
  • #10 We have our user – a hacker, and a smart and skilled one indeed. What does the attacker need to work on? What is his strategy? Let's see… What are his/her needs? What are the capabilities needed to fulfil the needs? Hacking framework – Metasploit Framework (most common) or storm (PowerShell attacks – more custom). What does the attacker need to do? Where does he/she have to invest most time and money? Let's take away the capabilities on the right! – Internet access (hide our vulnerable MySQL server behind a DMZ), open ports and IP (hide behind a firewall – use access control on the open ports), patch vulnerable software. Then think about 0-day exploits (CDR). Context is everything – if our server is not connected to the internet we might not use our resources to patch it! If we have all our systems patched and tight access control systems in place and we are still concerned – we can think about 0-day vulnerability mitigation tactics.
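
The prioritisation described in note #10, as an added example that is not part of the original slides: each asset is scored by which attacker needs from the map it still fulfils, and the next defensive step is chosen from that context. The host names, field names and priority scale are hypothetical, and the hacking framework and known exploits are assumed to be always available to the attacker.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Asset:
    name: str
    internet_reachable: bool                 # attacker need: Internet Access
    open_ports: frozenset = frozenset()      # listening ports
    filtered_ports: frozenset = frozenset()  # behind firewall / access control
    known_vulnerable: bool = False           # unpatched, known exploit exists

def exposed_ports(a):
    """Ports an internet attacker can actually reach on this asset."""
    if not a.internet_reachable:
        return frozenset()
    return a.open_ports - a.filtered_ports

def assess(a):
    """Return (priority, action); priority 1 is the most urgent."""
    exposed = sorted(exposed_ports(a))
    if exposed and a.known_vulnerable:
        return 1, f"known-exploit path complete: patch and restrict ports {exposed}"
    if exposed:
        return 2, f"patched but reachable: apply access control to ports {exposed}"
    if a.known_vulnerable:
        return 3, "vulnerable but unreachable: patch when resources allow"
    return 4, "needs denied: if still concerned, consider 0-day mitigation"

def triage(assets):
    """Order assets so those fulfilling the most attacker needs come first."""
    rows = [(*assess(a), a.name) for a in assets]
    return sorted(rows, key=lambda r: (r[0], r[2]))

# Constructed sample inventory (hypothetical hosts, not from the slides).
INVENTORY = [
    Asset("file-gw", True, frozenset({25}), frozenset({25})),
    Asset("mysql-lab", False, frozenset({3306}), known_vulnerable=True),
    Asset("mysql-prod", True, frozenset({3306}), known_vulnerable=True),
    Asset("web-front", True, frozenset({22, 443}), frozenset({22})),
]

if __name__ == "__main__":
    for prio, action, name in triage(INVENTORY):
        print(f"P{prio} {name}: {action}")
```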