The document summarizes key points from a cyber security conference on email security. It discusses how email threats are growing and quickening in pace. It notes that 91% of cyber incidents start with phishing and that the average time to click on a phishing link is 100 seconds. The document warns that companies are at risk if they have certain information online or accept resumes through their websites, and states that organizations can no longer say they won't be attacked; the only question is when. It emphasizes having a multilayered security and continuity strategy to achieve cyber resilience.
Trends in protection and impact of international cybercrime - keynote Spanish ... - AtMost and AtMostTV
Trends in protection and impact of international cybercrime - keynote at the Spanish business club Costa del Sol. What is the impact of DDoS? Attack or security? Cyber alarm, or is it not so bad?
Mitigating Security Risks in Vendor Agreements
Providers of software, software-as-a-service, managed services, and professional services have varying degrees of sophistication in addressing security in their form contracts. Learn from an experienced technology attorney how to understand key clauses, or discover when they are missing, to ensure that the company's vendors are compliant with the appropriate security measures before signing the deal.
Brian Kirkpatrick is the founding shareholder of Kirkpatrick Law PC and a business attorney with a technology focus. He also serves as Of Counsel to Mullin Law PC for matters involving technology and information security.
His practice revolves around clients needing assistance in technology transactions, data privacy, cyber security, software compliance and audits, and general counsel related to business matters. Brian was voted 2015 Top Technology Attorney in Tarrant County by his peers as published in Fort Worth Texas Magazine.
Brian has published numerous articles and lectured nationally on legal topics such as software as a service, software licensing, contract negotiation, cyber security and legal considerations when starting a business. He is also featured in radio news interviews, as a conference panelist and featured speaker, and in an instructional video series about conducting negotiations. Before entering the legal profession, Brian was a Vice President and commercial banker.
Brian is a graduate of Texas A&M University School of Law where he was inducted into the National Order of Barristers. He also has a Masters of Arts in Applied Economics from Southern Methodist University and a Bachelors of Science in Economics from Texas A&M University - Commerce where he was inducted into the Omicron Delta Epsilon International Economics Honor Society.
Security is a process, not a plugin (WordCamp Oslo 2018) - Thomas Vitale
In 2000, the internationally renowned security technologist Bruce Schneier wrote: “Security is a process, not a product”. In the same essay, he wondered: “Will we ever learn?”. Apparently not.
How many times have you considered your WordPress application security only once completed? How many times have you installed a security plugin and thought it was enough? Securing a web application doesn’t mean installing a plugin just before deployment. Not at all.
I’m very passionate about security and I’d like to share my thoughts with you. My focus will be the security awareness related to web applications. Is WordPress secure? I will answer this question very clearly. And you’re not gonna like it!
Array Networks - A Layered Approach to Web and Application Security
Encryption creates the need for at least two levels of security. ADCs provide high availability and a secure layer for SSL traffic termination, decryption, inspection and forwarding to advanced security appliances for further inspection.
Ed Keiper is a senior systems engineer with Array Networks. His background includes 10+ years of experience in cloud computing, infrastructure and security.
Security is a process, not a plugin (WordCamp London 2018) - Thomas Vitale
In 2000, the internationally renowned security technologist Bruce Schneier wrote: “Security is a process, not a product”. In the same essay, he wondered: “Will we ever learn?”. Apparently not.
How many times have you considered your WordPress application security only once completed? How many times have you installed a security plugin and thought it was enough? Securing a web application doesn’t mean installing a plugin just before deployment. Not at all.
I’m very passionate about security and I’d like to share my thoughts with you. My focus will be the security awareness related to web applications. Is WordPress secure? I will answer this question very clearly. And you’re not gonna like it!
Security is a process, not a plugin (WordCamp Torino 2018) - Thomas Vitale
In 2000, the internationally renowned security technologist Bruce Schneier wrote: “Security is a process, not a product”. In the same essay, he wondered: “Will we ever learn?”. Apparently not.
How many times have you considered your WordPress application security only once completed? How many times have you installed a security plugin and thought it was enough? Securing a web application doesn’t mean installing a plugin just before deployment. Not at all.
I’m very passionate about security and I’d like to share my thoughts with you. My focus will be the security awareness related to web applications. Is WordPress secure? I will answer this question very clearly. And you’re not gonna like it!
Bring out the hacker in you by trying out Security Innovation’s Hacking CyberRange – specially designed web applications with real world vulnerabilities. A parallel class session will also teach novices about how to uncover simple vulnerabilities and evolve into uncovering more complex vulnerabilities. You can simply sit and learn or get straight to hacking our application or follow along and do both. Live scores of participants will be displayed.
From Mirai to Monero – One Year’s Worth of Honeypot Data - DefCamp
Adrian Hada and Mihai Vasilescu in Bucharest, Romania, on November 8-9, 2018, at DefCamp #9.
The slides and other presentations can be found on https://def.camp/archive
Rethinking Application Security for the cloud-native era - Priyanka Aash
Cloud-native applications are API driven and are based on distributed microservices. APIs are the gateway to your business and expose a lot of the business logic to the outside world. Legacy solutions for understanding your application security posture are not applicable to these modern, continuously changing environments.
RSA APJ - BLOCKCHAIN SECURITY – IS IT REALLY DIFFERENT THAN ANYTHING ELSE? - Scott Carlson
Slides from my 2018 talk at the RSA Asia Pacific Conference in Singapore. First a basic overview of Blockchain for the audience and then a complete discussion of how the security of blockchain is really about the security of the whole stack, with the chain itself being the last thing you focus on.
Dr. Lane Arthur, James Johnson - Cybersecurity - John Blue
Cybersecurity - Dr. Lane Arthur and James Johnson, John Deere, from the 2016 World Pork Expo, June 8 - 10, 2016, Des Moines, IA, USA.
More presentations at http://www.swinecast.com/2016-world-pork-expo
By 2025, millennials are projected to make up 75% of the total workforce. Organizations have been adapting their processes, policies and environments to match the millennial culture, but are they truly prepared to handle millennial technology practices? Michael Crouse – Forcepoint VP, Insider Threat explains.
Redefining Defense - HITB2017AMS Keynote - Saumil Shah
It is time to transition defense from being reactive to proactive. This talk discusses seven axioms for implementing proactive defense strategy and measures for the future, concluding with a blueprint of the next evolution of pro-active defense architecture.
The Seven Axioms of Security - ITWeb 2017 - Saumil Shah
It is time to transition defense from being reactive to proactive. This talk discusses seven axioms for implementing proactive defense strategy and measures for the future, concluding with a blueprint of the next evolution of pro-active defense architecture.
Detecting and Catching the Bad Guys Using Deception
Traditional controls are well known for their shortcomings in the face of modern cyber-attacks. Cyber security technologies make use of signature-based, behavioral or Next Generation capabilities, or attempt to augment capabilities by leveraging a cloud-based or on-premises cyber analytics warehouse and threat intelligence feeds via indicators of compromise (IOC) or other mechanisms. Although the latter efforts have increased organizational cyber capabilities, they only do so with proper investments in people, process and technology. Additionally, as attackers adapt to defenses, these controls begin to experience decreasing marginal rates of defensive capability.
Deception programs, architectures and technologies endeavor to augment existing cyber security capabilities through the use of honeypots or honey net (decoys) or breadcrumbs or broken glass (deceptions).
Advanced deception technologies are differentiated by the use of distributed deception technology, which features agentless, simple deployment capabilities with lightweight deceptions that leverage operating system objects to deceive attackers into triggering alerts. Normal users would never trigger the deceptions as an attacker would, resulting in high-fidelity alerting with near-zero false positives. Such technology consequently serves not only to augment existing cyber security capabilities post-breach but provides a new, highly effective post-breach cyber security capability along with precise real-time forensics.
James Muren is a strategist and delivers workshops in cyber security strategy, GRC and security architecture that are used to develop long-term strategies and tactical roadmaps for customers that address security for legacy and cloud architectures. As a strategic management consultant who has built fully capable cyber programs in the past, he helps mentor and lead teams for programs and projects in information technology and cyber security. James is primarily focused on the business benefits of cyber security, and the demonstration of those benefits through metrics that can be quickly communicated to executive leadership. By properly integrating security controls within a regulatory and policy context, security programs such as breach and incident response, data governance, forensics, etc. can properly demonstrate value, receive proper investment and adequately secure organizations.
James is also a researcher. His areas of research include: Continuous GRC, cyber analytics, Trusted Computing Group (TCG), Security Automation, Hardware and Software Security, ICS, SCADA, IoT, Malware Research, Full System Security Design Lifecycle and Leap Ahead technology.
The Essentials of Cyber Insurance: A Panel of Industry Experts - Shawn Tuma
Patrick Florer (Risk Centric Security, Inc.), Mark Knepshield (McGriff, Seibels & Williams), and John Southrey (Texas Medical Liability Trust) are cyber insurance industry experts who have been working in the industry for longer than most of the newly-minted experts have even known about cyber insurance. In this panel presentation at the North Texas ISSA Conference, cybersecurity and data privacy attorney Shawn Tuma moderated their discussion and it was outstanding even though they did not make it through half of the slides due to the depth of their discussion. The presentation date was November 10, 2017.
Avkash_lesser known threat intel implementations - Avkash Kathiriya
In the current scenario there are many myths about threat intelligence in cyber security. In this session we will cover the lesser known and practical implementations of threat intelligence, along with thinking beyond the "IOC Way" to make threat intelligence more effective.
We hired hackers to hack us; A case study about cloud-based authentication an... - LetsConnect
One of our customers is a political party in Norway. This year is an election year, and before and during every election, hackers try to hack them, big time!
Item Consulting is the business partner who introduced them to IBM Connections, which is now used broadly within the organisation and to collaborate with the government.
So, we thought it'd be best to run a security test before the election. We hired hackers!
This case study will show how Item Consulting integrated the cloud-based third-party authentication mechanism, Auth0, into IBM Connections, and you will learn about the hack attempt and what the hackers were able to find out. Did they manage to hack IBM Connections?
The Art of Evading Anti-Virus
There are estimates that security analysts, including penetration testers, are approximately 5 years behind malicious actors. Anti-virus by itself isn’t enough to stop a malicious individual from gaining access to your servers or computers anymore. In fact, many of them have devised ways to evade anti-virus. We as security professionals should understand how these individuals are doing this, and what tools are available for us to replicate these attacks. Tools such as veil-framework assist us with this. This talk will go over this tool, and how malicious individuals evade anti-virus with ease.
Quentin Rhoads-Herrera is a security analyst for State Farm. In this position he is responsible for risk analysis and application security assessments. He is accountable for ensuring risks are identified and properly mitigated throughout the organization.
He previously served as the Information Security Director for Clearview Energy and Solarview. In this position he oversaw all information security activities. These included development of company-wide cyber security standards, development of layered defense approaches and the hardening and defense of all company systems.
Mr. Rhoads-Herrera has worked in the Information Security space for a total of seven years serving in roles ranging from Security Consultant to Information Security Director.
The landscape of "threat hunting" has drastically changed due to the increase in TLS encrypted Internet traffic. The days of adversaries registering domains with their given names are gone and malicious actors increasingly use malware that takes advantage of TLS encryption to hide their tracks. Yet, even in this brave new world of altered TTPs, the adversaries leave clues that can expose their infrastructure. To find these clues, however, blue teams need to learn some new tricks.
Our talk focuses on expanding upon techniques that have been researched and presented at various conferences by Mark Parsons, specifically his methods for using TLS certificates to find malicious malware infrastructure. We will build upon Parsons' corpus of work and show how his approach to malware certificate hunting can be expanded upon to detect instances of PowerShell Empire servers that have self-generated SSL certs on ports 443 and 8080. These certificates have a unique fingerprint that can be detected by leveraging tools like zmap/zgrep, python, and statistics/machine learning. The results of this research will show how network defenders can find previously unknown instances of malicious infrastructure communicating with their network and prevent them in the future. Finally, we will discuss our hypothesis creation, our code and techniques, methods of validation for verification, and release our tools and methodology for use by the community to explore other "hidden empires" of malware that may exist.
Social Engineering 101 or The Art of How You Got Owned by That Random Stranger - Steven Hatfield
My presentation that was given at North Texas ISSA Second Annual Cyber Security Conference on 4/25/2015. This presentation covers the basics of Social Engineering and provides a good base of knowledge for anyone looking to understand more about this skill, along with where to learn more.
"Today’s attacks succeed because the defense is reactive". I have been researching attacks and offensive techniques for the past 17 years. Defense boils down to reacting to new attacks and then playing catch-up.
It is time to transition defense from being reactive to proactive. This talk discusses seven axioms for implementing proactive defense strategy and measures for the future, concluding with a blueprint of the next evolution of pro-active defense architecture.
SplunkLive! Zurich 2017 - Build a Security Portfolio That Strengthens Your Se... - Splunk
All data is security relevant – whether you are an IT or security professional, it is important to gain context into all your data to understand your environment, quickly hunt for and investigate potential threats in your environment, and take action to remediate. In this session, you will learn how to:
• Leverage your data across silos with analytics-driven security
• Operationalize all relevant data to gain greater visibility of your environment to make more informed decisions
• Optimize incident response to more clearly understand an attack and the sequential relationship between events to quickly determine the appropriate next steps
• Improve investigation and remediation times by automating decisions or by using human-assisted decisions with full context from adaptive response
• Utilize Splunk User Behavior Analytics and verify privileged access and detect unusual activity by using UBA anomalies
Drawing from CrowdStrike's work, Cayce Beames will present evolving cybersecurity threats, discuss her thoughts on why traditional security is failing and share a bit on what this "next generation endpoint protection" is about.
Cayce has been working in technology for over 25 years. From IT Systems Administration to Network Engineering and Internet Security, Risk Management and Compliance Auditing, Cayce has consulted with many Global corporations and traveled extensively. Cayce is currently a governance, risk and compliance analyst at CrowdStrike and founder of the not for profit, public benefit, education for kids organization called "The Computer Club" where she works to inspire kids and adults to address their fear of the unknown and make something awesome with technology.
A Brief History of Cryptographic Failures
Cryptography is hard. It's not hard in the way a challenging video game is, or hard like getting through War and Peace without falling asleep, or even hard like learning a new skill. Cryptography is hard because it's both a system and a technical implementation, and failures in either part can have catastrophic (and sometimes existential) impacts. In this talk we'll take a look at some of the many ways that cryptographic systems have failed over the years, from accidental design flaws like the Data Encryption Standard (DES) defeat so elegantly demonstrated by the Electronic Frontier Foundation to intentional design flaws such as the reported National Security Agency (NSA) backdoor in the Dual Elliptic Curve (EC) Deterministic Random Bit Generator (DRBG). This talk will be a high-level discussion... no PhD in mathematics is required!
Brian Mork is the Chief Information Security Officer for Celanese, where he acts as a senior level executive reporting to the Chief Information Officer (CIO) and leading the strategy and operations of Information and Systems Security. His areas of responsibility include the Security Operations Center (SOC), SAP security, global security architecture, Industrial Control Systems (ICS) security architecture and governance, and the firewalls. He is responsible for establishing and maintaining an enterprise-wide information security program to ensure that data and information assets are adequately protected, and for identifying, evaluating and reporting on information security risks in a manner that meets company needs, compliance and regulatory requirements. Mr. Mork oversees all technology risk management activities and acts as an advocate for all information security and business continuance best practices.
Steven Hatfield, Vulnerability Management Senior Advisor, Dell
Social Engineering 101 or the Art of How You Got Owned by That Stranger
Steven will be covering the basics of Social Engineering, different attack vectors that have worked with real world examples from friends currently conducting such tests, provide different sources to gather information on this topic, and present ways to prevent such attacks from happening in the future.
#1NLab17 - From Obstacle to Opportunity: Using Tech to Inspire Solutions - One North
Architect Vinu Krishnawswamy identifies technology hurdles that digital marketers are currently facing and offers creative solutions that not only resolve these challenges, but also embrace creative and strategically sound applications of technology.
Intellectual Property Protection - Cross Roads between Ethics, Information Security, and Internal Audit
Richard (Rick) Brunner has more than 40 years' experience in information security and technology, specializing in secure systems/application design and development, system architectures, information risks and controls, testing, and strategy and program management. Rick’s past assignment was as Assistant Vice President, Security Strategy and Architecture at GM Financial, and he has worked in Healthcare, Finance, Human Resources, Military, and Intelligence. Rick has 32 years of military service, both active and reserves, rising to the rank of Colonel (O-6). He holds an Executive Juris Doctor degree, concentration in Law and Technology, from Concord Law School; a Master of Science degree in Computer Science, concentration in Information Systems Security, from James Madison University; and a Bachelor of Science degree in Mathematics and Computer Science from the University of Texas at San Antonio. Rick is an Assistant Faculty member at Collin College, instructing courses in their cyber security program, and is an active member of Collin’s Cyber Security Advisory Board. Rick holds the following certifications:
• Certified Information Systems Security Professional (CISSP) (Certification Number: 375658)
• SABSA Chartered Security Architect - Foundation Certificate (SCF) (License SCF14020703)
• ITIL Foundation Certificate in IT Service Management (Certification Number: 37823)
Layered Security / Defense in Depth
One area that I have found that even seasoned security professionals have a problem with articulating is layered security (defense in depth). Most are familiar with their area of expertise (servers, networks, pen testing, etc.), but have never viewed security as a heterogeneous process. In my presentation I use a layered diagram to highlight what controls are in what layers, what controls interact across layers, and what a complete layered security model would look like vs. what a more typical company security model does look like.
Nathan Shepard
CISSP, CISM, CRISC, CISA
33 Years in IT.
21 Years in Information Security.
Information Security consulting at the corporate governance level.
Information Security management for outsourced InfoSec delivery.
Business Geekdom: 1 = 3 = 5
Each year a security team participates in several audits, meetings with the business and strategy meetings. Oftentimes, security is seen as the one imposing requirements that are either too difficult, impossible to manage or flat out ridiculous.
This is similar to a geek. A geek is defined as "an unfashionable or socially inept person." Is this social ineptness actually just the lack of the ability to translate the passion of the security professional to the business professional?
In this presentation, I would like to cover how to create, establish and evangelize a framework that has one backend with several frontends. The backend is a common security control framework (not the UCF) and the front end translates to the various business units, audits and business strategies encountered in a security professional's work each year.
Grant Gilliam is an Enterprise and Solutions Architect for CHRISTUS Health. Previously, Gilliam has been a security architect, senior security engineer and senior data security analyst. Industries worked in include healthcare, insurance, software and news media. Gilliam has also established his own business, focused on outsourcing non-competitive business tasks, giving clients a strategic advantage over competitors by minimizing FTE and contractor headcount.
His educational background includes a Master of Science in Information Systems, focusing on Information Security, and a Bachelor of Business Administration in Management Information Systems, both from Baylor University. The focus of his master's degree research was IT law and Intellectual Property. Gilliam is also a Certified Information Systems Security Professional, Certified Information Security Manager and Certified Information Systems Auditor.
Day in the Life of a Security Solutions Architect
I'd like to present my "Day in the Life of a Security Solutions Architect" at Hewlett Packard Enterprise. In this presentation, I'll go into detail of what exactly I do as a security architect, and my career progression which got me there. I'll speak about my daily activities, successful client engagements, skills required, etc. I'm happy to answer any questions from the audience, share insights, what I wish I had done earlier in my career, etc.
Marco Fernandes is a Security Solutions Architect at Hewlett Packard Enterprise. Prior to that I worked in IT in the defense industry and security consulting in the commercial world. I'm also President of the North Texas Cyber Security Association. I was born in Dallas, TX, and I obtained my Bachelor of Science in Business Computer Information Systems from the University of North Texas. In my free time I enjoy card games, reading, fitness, watching WWE wrestling, & helping my community.
Red, Amber, Green Status: The Human Dashboard
This session will outline the importance of presenting actionable metrics for the Security Awareness program. Oftentimes security programs are presented while omitting the most constant threat to Information Systems: the human. From a security awareness perspective, we will review analytics that include key performance indicators that may already be available to you; they just need to be added to the new human dashboard.
Laurianna Callaghan currently serves as a security consultant for Ana Academy, a Dallas-based security training company. Previously, Laurianna worked with Dell where she was the creator of security analytics for a major healthcare customer which were presented at the 2016 IASAP conference. In addition, Laurianna has more than 21 years' experience in various IT domains. She has served as the Director of Systems Engineering for a telemarketing firm, the UNIX/MVS Manager for a major airline and has IT experience in the healthcare, communications, transportation, education, retail, and other industry sectors. Laurianna holds both the CCNA Security and CISSP designations.
Hacking Performance Management, the Blue Green Game - With a live demo!
Dr. Branden R. Williams has almost twenty years of experience in technology and information security, both as a consultant and an executive. Branden co-founded a technology services company that provided the foundation to a prominent e-learning company. He has vast experience as a practitioner and consultant which included helping companies create user-centric security controls and models. His specialty is navigating complex landscapes—be it compliance, security, technology, or business—and finding innovative solutions that save companies money while reducing risk and improving performance. Along the way, he was a Consulting Director for VeriSign/AT&T, one of four CTOs at RSA, ISSA Distinguished Fellow, elected to the PCI Board of Advisors, and author of four books.
Assuming people are rational, we all do things to maximize our payoffs. It's why things like Enron and the subprime mortgage crisis happen. This demonstration will show you a key element to designing performance management systems that employees will hack to their advantage.
1. NTXISSA Cyber Security Conference – November 10-11, 2017
@NTXISSA #NTXISSACSC5
Email Security – Growing in threats, quickening in pace
Erez Haimowicz
Enablement and Security
Mimecast
11-10-17
2. Email: The Ultimate App
With demanding business and user requirements
24 x 7 Email Availability
Continuous, Mission-critical, Mobile
3. Cyber Resilience
MULTILAYERED SECURITY: The technology that provides the best possible multi-layered protection
CONTINUITY: A solution that allows you to continue to work while the issue is resolved
REMEDIATION: The knowledge that no matter what, you can get back to the last known good state
4. Countdown to a breach
Verizon 2016 Data Breach Investigations Report (DBIR)
100 seconds average time-to-first-click
5. 91% of all incidents start with a phish
Source: Wired
6. You can no longer stand in front of your board and say that you won’t have an attack. As we all know, it’s now a case of when.
7. What those attacking look like
8. Your company is at risk if you…
• You have certain letters in your domain name
• You accept resumes on your website
• You have a team of people in finance
• You have a profile
• Your life is deemed interesting enough to be on
9. Do You Have a Page Like This On Your Website?
14. Imagine being able to stop EVERY malicious file
We all know the risks
Trust your users not to click?
19. Internal threats!
Compromised Accounts: Stolen user credentials; utilize corp webmail to spread the attack internally or externally to partners/customers
Careless Users: Sending sensitive data internally such as projects and PII. “Oops, sent it to the wrong Michael…”
Malicious Insiders: Purposely distributing malware or malicious URLs
20. Flawed - The technology
23% open the phish & click
21. To run an attack… you don’t even need to know how to code
Source: Forbes.com - "Ransomware As A Service Being Offered For $39 On The Dark Net" 7/15/16
22. AND to bypass sandboxes… FUD (Fully Undetectable) crypting services to avoid AV detection
23. At Risk - The human firewall
11% open the phish & run the attachment
24. “HEY STRANGERS - Please send me files”
25. ‘Click to View’ Dupe
26. You can’t fix stupid
27. Whatever we do, they’re still around and getting ‘creative’
28. Your business needs a cyber resilience strategy
ARCHIVING
SECURITY
CONTINUITY
29. Thank you
Editor's Notes
Interesting beast, email! Beyond its ubiquity, email has several other characteristics that make proper management both demanding and mission-critical:
Email has emerged into the predominant business communications medium, eclipsing even the telephone
Email is unique in creating a continuous body of business knowledge
Businesses demand 24x7 email availability
24x7 availability means anytime, anywhere access
Countdown to a breach – 100 seconds?
We refer to users as the human firewall and that human firewall is your weakest link.
1 minute 22 seconds: the median time for someone to click on a phishing link.
That’s the median; imagine what the lower outliers are.
And 50% of those people who do click the link will do it within the first hour.
What’s worse, we know… 95%
For the purposes of this talk, we’ll use the phrase phish to mean spear-phishing, whaling and phishing, but in a business context.
How do Attackers get their information?
An easy way to find out about a company is visit their website. Most companies have information about their executive teams. What better way to entice a user to open an email than having it look like it’s from the CEO, the CFO or some other senior leader?
Remember that it only takes one employee to “click before they think” to compromise an entire organization.
Let’s look at some of the attacks that we are seeing as part of our service.
Phishing attack focused on getting a user's password via a random mass-emailing attack.
An email from Chase Bank.
When you hover over the link you will see that the link is not legit.
Using our URL protection service you will also be able to see the User Awareness Page showing you:
The link which was automatically re-written
The email address that it was sent from (not legitimate)
Information on how to recognize a phishing attack.
An action to either exit or accept the risk
And the fact that your decision will be logged for future audit purposes.
Even if you accept the risk it will block access.
In this case this advanced phishing email with an attachment is delivering a document with malicious code. This is a malware attack, and a very targeted one.
What you will see from our attachment protect service is that we both convert the file into a PDF document which is safe to open and offer the ability to request the original file. Once the request is made, the file goes through a sandbox threat service before it is delivered to the end user.
In this case you see a spear phishing attack impersonating a senior staff member. It is targeting an employee with authority. In this case it was sent asking for a Western Union money transfer of $4500. Notice the email address?
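The three checks the notes walk through (the "hover" test on a link whose visible text names one site while the href points elsewhere, a senior staff member's name on a mailbox that is not theirs, and holding active-content attachments for conversion or sandboxing) can be expressed as a small mail-gateway triage step. This is an added Python example, not the speaker's or Mimecast's code; the executive list, the attachment extension list and the sample message are constructed for the demo.

```python
import email
import email.utils
from email import policy
from html.parser import HTMLParser
from urllib.parse import urlparse
# Constructed for this demo (not from the talk): executives named on the company's
# public website, and attachment types held for conversion or sandboxing.
EXECUTIVES = {"jane doe": "jane.doe@example.com"}
ACTIVE_CONTENT = (".docm", ".xlsm", ".js", ".exe", ".hta", ".vbs")
class _Links(HTMLParser):  # collects (href, visible text) pairs from an HTML body
    def __init__(self):
        super().__init__()
        self.pairs, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href", ""), []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.pairs.append((self._href, "".join(self._text).strip()))
            self._href = None

def _host(s):  # hostname of a URL or bare domain, lower-cased ('' if none)
    return (urlparse(s if "://" in s else "http://" + s).hostname or "").lower()

def analyze(raw):
    """Return findings for one RFC 5322 message; an empty list means nothing flagged."""
    msg = email.message_from_string(raw, policy=policy.default)
    findings = []
    name, addr = email.utils.parseaddr(str(msg["From"]))
    # An executive's display name on a mailbox that is not the executive's own.
    if name.lower() in EXECUTIVES and addr.lower() != EXECUTIVES[name.lower()]:
        findings.append(f"display name '{name}' impersonates an executive; sender is {addr}")
    body = msg.get_body(preferencelist=("html",))
    if body is not None:
        links = _Links()
        links.feed(body.get_content())
        for href, text in links.pairs:
            # The 'hover' check: visible text names one host, the href goes elsewhere.
            if "." in text and " " not in text and _host(text) != _host(href):
                findings.append(f"link text '{text}' hides {_host(href)}")
    for part in msg.iter_attachments():
        fname = (part.get_filename() or "").lower()
        if fname.endswith(ACTIVE_CONTENT):
            findings.append(f"attachment '{fname}' held for conversion or sandboxing")
    return findings
# Constructed sample: an executive's name on an outside mailbox plus a disguised link.
SAMPLE = """\
From: "Jane Doe" <jane.doe@mail-example.co>
Content-Type: text/html

<p>Bob, process this today at <a href="http://pay.example-secure.co/x">www.westernunion.com</a>.</p>"""
```

Running `analyze(SAMPLE)` returns two findings, one for the impersonated display name and one for the disguised link; a message whose link text and href agree and whose sender matches the executive list returns none.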
Layer one is of course the technology
Attackers don’t have to know how to code; they don’t even have to be smart. They can download TOX, a ransomware construction tool that provides an easy-to-use graphical interface and lets attackers track how many people have been infected and how much ransom has been paid.
If you’re an attacker and can code but don’t know how to evade sandbox detection, that’s not a problem; there’s an online service that can help. FUD (fully undetectable) crypting services use obfuscation, encryption and code manipulation.
The second layer of defense is employee awareness and vigilance.
The aim here is to create herd alertness in your organization.
The intention is not to make everyone suspicious of everything, or make everyone a security pro, but make them alert enough to linger over a link or attachment.
The Mimecast security awareness tools help in this mission to complement the other tactics you should use, like training and perhaps simulated exercises.