ABC Corp experienced a major security breach when an employee inserted an infected USB drive found in the parking lot. This introduced malware that spread throughout ABC's systems and gathered credit card information from 20 million customers over three months. The summary identifies failures in ABC's security policies, design, and controls that allowed this breach to occur, such as lack of awareness training, outdated antivirus software, and failure to properly secure administrative access. It provides both short-term tactical solutions like incident response procedures and long-term strategic solutions such as continuous monitoring, user access controls, and moving to behavioral-based security analytics to prevent future attacks.
What’s the State of Your Endpoint Security? - IBM Security
View On-Demand Webinar: https://securityintelligence.com/events/whats-state-endpoint-security/
According to the 2016 State of Endpoint Security Survey just released by the SANS™ Institute:
44% of respondents report that one or more of their endpoints have been breached in the past 24 months
Desktops, laptops and servers are the most compromised endpoints
Login and access credentials are the most commonly exfiltrated information
55% of respondents spend 3 or more hours per compromised endpoint
Over 70% of respondents find it difficult or impossible to determine when an incident has been fully remediated
These statistics encompass a wide set of industries, from financial services to education. So while each network is uniquely built to support your particular business, none is immune from being breached. To protect your data most effectively, you need a way to find the threats that are most relevant to your organization and prioritize them so you can remediate the most critical and lethal ones first.
With the seamless integration of tools such as IBM BigFix and QRadar, you get accelerated risk prioritization and incident response to keep your corporate and customer data secure. Attend this webinar to learn about the state of endpoint security and understand how IBM BigFix and IBM QRadar can help you remediate threats faster.
5 Ways to Get Even More from Your IBM Security QRadar Investment in 2016 - IBM Security
View on-demand webinar: https://securityintelligence.com/events/qradar-investment-2016/
Helping you stay ahead of cybercriminals means our work at IBM Security is never done. With data coming from every direction to collect, you need real time and historical analytics to discover anomalistic conditions that often provide the early warning signs of an attacker’s presence. Join us to hear about new features in IBM Security QRadar that can provide you with better visibility into what’s happening on your network and new integrations that will help you multiply your investment and help speed your remediation efforts.
Managing a large and growing PC estate is no simple matter, particularly if you are doing it manually. Keeping a close watch on a couple of PCs can be straightforward, and a diligent IT manager will manage to keep such machines fully patched and free of troublesome software. But what happens when your estate grows beyond one or two machines?
Don’t Drown in a Sea of Cyberthreats: Mitigate Attacks with IBM BigFix & QRadar - IBM Security
View on demand: https://securityintelligence.com/events/dont-drown-in-a-sea-of-cyberthreats/
Security teams can be overwhelmed by a sea of vulnerabilities–without the contextual data to help them focus their efforts on the weaknesses that are most likely to be exploited. Cyberthreats need to be stopped before they cause significant financial and reputational damages to an organization. You need a security system that can detect an attack, prioritize risks and respond within minutes to shut down an attack or vulnerability that could compromise your endpoints and data.
Join this webinar and learn how IBM BigFix seamlessly integrates with IBM QRadar to provide accelerated risk prioritization and incident response to mitigate potential attacks giving you an integrated threat protection system to keep your corporate and customer data secure.
Cutting Through the Software License Jungle: Stay Safe and Control Costs - IBM Security
View on demand webinar: http://event.on24.com/wcc/r/1064153/E59BB80AC2DB08E80C183ADB948A4899
If you’ve ever tried to reconcile the number of software licenses issued in your company against the number of licenses that are actually being used, you know it’s a jungle out there. In fact, one study uncovered that 85% of organizations are “accidental” software pirates, meaning they’re using more software than they paid for. In addition, many enterprises are facing unplanned and unbudgeted software license “true-up” bills from their vendors – that can cost millions of dollars. But you don’t have to. Join this webinar to get the facts and hack through the software licence jungle with IBM BigFix. We give you a consolidated, holistic view of the software you’ve deployed to help ensure audit compliance–and at the same time, help mitigate the threat of malicious software while effectively managing overall software spend.
Join this live webinar to learn how to:
- Discover all licensed and unlicensed software to pass more audits.
- Decrease software license costs by reducing the amount of unused or redundant software.
- Manage assets on hundreds -or hundreds of thousands- of Windows, Mac OS, Unix and Linux endpoints.
- Mitigate risk from malicious software including whitelist/blacklist filtering of inventory data.
Malware on Smartphones and Tablets: The Inconvenient Truth - IBM Security
View on-demand webinar: http://ibm.co/21C0aKO
Recent research shows that mobile has become the hackers’ new playground. However, most users and IT professionals do not think this is a real and substantial threat.
In this on-demand session, we will outline the broad scope of risk that mobile malware poses today on iOS and Android, and explain the potential business threats. The enterprise is at a critical juncture where advanced cyber-attacks targeting mobile users are now threatening both corporate and personal information.
Listen in to IBM Security product specialist, Shaked Vax to learn how to reduce risk of data leakage and protect against malicious activity with a comprehensive approach that combines enterprise mobility management (EMM) and mobile threat management.
Top Cybersecurity Threats and How SIEM Protects Against Them - SBWebinars
Everyone has become increasingly aware of the danger hackers pose—they can steal data, dismantle systems, and cause damage that can take years to recover from. However, organizations often have a false sense of safety when it comes to their security environments. There are countless ways that businesses are making it easier for a threat actor to find their way in undetected.
Join cybersecurity expert Bob Erdman, senior security product manager, as he outlines the most common ways organizations unintentionally put themselves at risk against threats like:
Insider attacks
Alert and console fatigue
Shortage of security staff
Misconfigurations
Excessive access
By better understanding what and where the challenges are, organizations can be better equipped to find solutions. This webinar will also highlight different strategies for mitigating risk, from specific Security Information and Event Management (SIEM) tools to employee education.
How to Choose the Right Security Information and Event Management (SIEM) Solu... - IBM Security
View on-demand webinar: https://securityintelligence.com/events/choose-right-security-information-event-management-siem-solution/
Learn what matters most when choosing a SIEM solution. In this session, we take a tour of the 2015 Gartner Magic Quadrant for SIEM, and IBM experts will discuss what we believe has set IBM Security QRadar® apart from other vendors for 7 consecutive years.
4 Ways to Build your Immunity to Cyberthreats - IBM Security
View on demand: https://securityintelligence.com/events/4-ways-to-build-your-immunity-to-cyber-threats/
Imagine you had to consult 40 different doctors to treat an infection, and ended up with 80 different prescriptions.
Now, imagine replicating that situation in your organization’s network. That’s the environment many companies find themselves in when dealing with IT security threats.
Like infectious diseases, cyber threats will never be eliminated entirely, but they can be better contained and understood, and their effects minimized. How can this be achieved? IBM has built an enterprise-level “immune system,” an adaptive security architecture to battle today’s cyber pathogens.
Multi-disciplined IBM Security practitioners work with clients to architect, deploy and optimize the IBM Threat Protection System, continually evolving defenses, honed through the company’s heritage of solving difficult problems. The IBM Threat Protection System integrates with 450 security tools from over 100 vendors – acting as connective tissue for today’s disjointed cybersecurity infrastructure.
View this on demand webinar to gain insight into advanced threat protection that breaks down silos and speeds time to action, and learn how to bolster your security posture from the experts at IBM Security.
Data security solutions_Baltics_IBM_QRadar_SIEM_Use_Cases_28.01.2014 - Andris Soroka
Presentation from "International Data Protection Day" IT Security seminar on 28th of January, 2014, organized by "Data Security Solutions", IBM Security Systems partner in the Baltic States.
This slide deck highlights the continued growth and evolution of Core Security Technologies and helps introduce an entirely new product for enterprise security testing and measurement - CORE INSIGHT Enterprise.
Protecting Mission-Critical Source Code from Application Security Vulnerabili... - IBM Security
View on demand: http://event.on24.com/wcc/r/1071186/DB920F7B3EC241F8D7637CE3303D6585
Session 2 of IBM’s #CoverYourApps with Application Security on Cloud Webinar Series
In this session, you’ll learn how to test application source code for potential security vulnerabilities, so that you can confidently release your organization’s applications. Special emphasis will be paid on how to test code quickly and effectively, in order to keep up with the ever-increasing pace of application release schedules.
Check out the rest of our #CoverYourApps with IBM’s Application Security on Cloud Webinar Series! Register today for all three to get up to speed on the latest from IBM on Application Security on Cloud.
Use Exabeam Smart Timelines to improve your SOC efficiency - JonathanPritchard12
Exabeam uses common log sources to stitch together events in plain text to easily answer the important question: What happened before, during and after?
How Can I Reduce The Risk Of A Cyber-Attack? - Osei Fortune
A professional guide to reducing the risks of a cyber attack on your business. A professionally written article that would be suitable for a technical IT blog.
The Avid Life Media hack is a striking example of everything that can go wrong when a company is completely breached followed by a total disclosure of the stolen information. This attack resulted in an estimated $200 million in costs, firing of the CEO, and countless lives ruined. This presentation will review the data exposed and what can be learned to prevent this from happening to your organization.
Application Security session given as part of the Solvay Executive Master in IT Management.
Explaining application security challenges for web, mobile, cloud and internet of things.
Positioning OWASP SAMM as structural and measurable framework to get application security under control in the complete application lifecycle.
Essentials of Web Application Security: what it is, why it matters and how to... - Cenzic
Join Cenzic’s Chris Harget for an overview of the essentials of Web Application Security, including the risks, practices and tools that improve security at every stage of the application lifecycle.
Corona | COVID IT Tactical Security Preparedness: Threat Management - RedZone Technologies
Work from Home - Practical Advice on Operations and Security Impact and what to do about it.
DR and BCP Planning Ideas
Widening Attack Surface Solutions
Managing Threats Solutions
Decrypting the security mystery with SIEM (Part 1) Zoho Corporation
Decrypting the security mystery with SIEM - Part I
1. EventLog Analyzer, your complete security arsenal
2. Sealing security loopholes: Getting to know vulnerable ports, devices, and more.
3. Combating attacks with EventLog Analyzer
a. Mitigating brute force attacks
b. Stopping the rise of ransomware
c. Containing SQL injection attacks
4. Proactively preventing insider attacks
a. Monitoring privileged user activities
5. Securing physical, virtual, and cloud environments
6. Adhering to stringent compliance rules with the integrated compliance management
With cybercrime (like denial of service, malware, phishing, and SQL injection) looming large in our digitized world, penetration testing - and code and application level security testing (SAST and DAST) - are essential for organizations to identify security loopholes in applications and beyond. We provide a guide to the salient standards and techniques for full-spectrum testing to safeguard your data - and reputation.
CISA GOV - Seven Steps to Effectively Defend ICS - Muhammad FAHAD
INTRODUCTION
Cyber intrusions into US Critical Infrastructure systems are happening with increased frequency. For many industrial control systems (ICSs), it’s not a matter of if an intrusion will take place, but when. In Fiscal Year (FY) 2015, 295 incidents were reported to ICS-CERT, and many more went unreported or undetected. The capabilities of our adversaries have been demonstrated and cyber incidents are increasing in frequency and complexity. Simply building a network with a hardened perimeter is no longer adequate. Securing ICSs against the modern threat requires well-planned and well-implemented strategies that will provide network defense teams a chance to quickly and effectively detect, counter, and expel an adversary. This paper presents seven strategies that can be implemented today to counter common exploitable weaknesses in “as-built” control systems.
Seven recommendations for bolstering industrial control system cyber security - CTi Controltech
Recommendations from ICS-CERT, the Industrial Control System Cyber Emergency Response Team, a division of Department of Homeland Security. Seven basic steps to follow that will substantially boost cyber security and generate awareness of the threat potential.
Industrial control systems may be at least, or even more, vulnerable to intrusion and malicious attack than your desktop PC. The National Cybersecurity and Communications Integration Center outlines seven basic steps you can take to harden your industrial control system against intrusion and mischief.
This paper presents seven strategies that can be implemented today to counter common exploitable weaknesses in “as-built” control systems. Length is 6 pages.
NCCIC - Seven Steps for Achieving Cybersecurity for Industrial Control Systems - Miller Energy, Inc.
This paper presents seven strategies that can be implemented today to counter common exploitable weaknesses in “as-built” control systems for industrial processes and operations.
Defending Industrial Control Systems From Cyberattack - CTi Controltech
Industrial control systems of all types and vintages likely are exposed to some level of unauthorized intrusion. Individuals and organizations with nefarious intent will try to gain access to information or control elements, stealing data or causing a range of inappropriate operations.
Patch, patch and patch !
This has been the go-to mantra of security professionals and the recent WannaCry ransomware attack has highlighted its importance once again.
Seqrite EPS with Centralized Patch Management -
Proven Security Approach for Ransomware Protection
REMOTE SOLAR MONITORING SYSTEM - A solution to make battery life extend by 300% - Mamoon Ismail Khalid
AIM OF PROJECT
Battery Monitoring System
Efficient usage of Battery
Integrating solar panel real time data with building computer
Storage of data
Like EGAUGE
METHODS OF S.O.C MEASUREMENT
Voltage Measurement
Specific Gravity Method
Quantum Magnetism
Integrated Current Method
PROBLEMS ASSOCIATED :
Better S.O.C Measurement :
Capacity changes :
Temperature
Depth Of Discharge Effect
Charge / Discharge cycles
Self Discharge
Charge Rate (C-Rate) dependence
HOW TO INCORPORATE THESE FACTORS ?
Piece Wise Linearization :
Temperature effect
C-Factor effect
Depth Of Discharge effect
Number Of Cycles effect
Incorporate these factors through feed back control into Simulink Model
Network Traffic Adaptable Image Codec - A solution to make streaming faster - Mamoon Ismail Khalid
During online video streaming, if network congestion occurs, the resolution is downscaled, leading to deteriorated video experience.
This occurs even when slight network congestion occurs.
For example streaming videos on youtube provides option of streaming in 480p, 360p, 240p etc.
Downscaling resolution greatly reduces the bandwidth, leaving some bandwidth unused, leading to inefficiency.
Downscaling also results in deteriorated video quality, while some bandwidth is still unused and could have been utilized.
Proposed Solution
Keep resolution constant and vary coding parameters, e.g. macro-block size, quantization step-size etc.
For example, assume a 1MBps channel bandwidth and a video streaming in 640*480 that needs 1.2 Mbps.
Traditional solution: reduce resolution to 320*240, requiring a bitrate of 0.6 Mbps, leaving 0.4 Mbps unused, and deteriorated video quality.
Proposed solution: Resolution remains same 640*480, adjust one parameter, required bandwidth now: 0.9. Wasted:0.1Mbps, and enhanced video quality.
Hospital Management and Inventory Control Solution for Public Hospitals in De... - Mamoon Ismail Khalid
Historic underinvestment in public health has left Ecuador with one of the most inefficient health systems in the region.
The Problem
Little info sharing
The lack of interoperable systems and records management contributes to a lack of understanding of public health needs leads to treatments that don't really address overall health issues
Bureaucracy
Public health employees are engaged in redundant administrative tasks that divert resources from patient care and clog system
PAPER RECORDING OF INFORMATION
Medical assistants need to manually fill in 5 different records (1 per prescription), they first do it in paper and then typed it in the computer since the Wi-Fi is not reliable.
Excessive waits
Lead times for getting appointments in and long check in processes lead to patients abandoning preventative care that could save money and improve patient outcomes
Most people we surveyed complained about lead time. It becomes even more aggravating when it’s an emergency.
Abuse and waste
Inability to track prescriptions and inventory offer opportunity for abuse that undermines the system's overall quality
The result:
Costly, Inefficient and non-citizen centric public healthcare system
AES is pioneering the transformation of solar installation to make it more accessible, efficient, and scalable, thereby accelerating global decarbonization efforts. To achieve this vision, AES has developed Atlas, a groundbreaking solar robot designed to enhance the speed, efficiency, and safety of solar panel installation. Atlas will revolutionize the solar industry by automating labor-intensive tasks, reducing costs, and improving project scalability
Start-up name ----> (crunchbase/Google api/Yahoo finance/LinkedIn) ---->extract features ----> classification----> analyze ------>, predict cross border expansion needs
Features:
Stage
Geography not at (to predict cross border readiness)
Geography already at (to predict cross border readiness)
Number of employees (to predict cross border readiness)
Revenue stage (to predict investment need vs clientele need vs strategic partnership need)
Product stage (to predict manufacturer partnership etc.)
Corporations name ----> (crunchbase/Google api/Yahoo finance/LinkedIn) ---->extract features ----> classification----> analyze ------>, predict cross border expansion needs
Features:
Industry in at
Industries/categories in that cluster
Possible problems they could face to keep up with tech singularity
Employees worldwide
Geographies at and not at (to predict whether they have access to VCs or entrepreneurship ecosystems like Israel, NYC, Silicon Valley and China (Shenzhen))
Competitors in China-
When they say solution intro - keyword pick up and run search on jing data to retrieve all relevant results ---> input into “Competitors field”
Matching criteria:
Matching algorithm:
Goal: matching needs of international startups and china investors manufacturers etc
Data filtering:
Filter by participation goal: look for a company in need of capital raise? Partners? Business acceleration?
Filter by Industry/categories
Filter by Funding stage
Filter by capital needed
Filter by company valuation
Filter by expansion timeline
Filter by location of the startups(city or country)
Search for Keywords (Or company name):
Match the word in the company description or product intro
Ideal providing format of data:
Filtered data ordered by relevance score or reliability score(professional background of team member)?
PlanA: Filter data(by category, participation goal, currency allowed,timeline) and score those filtered startups, and list the top ones
PlanB: Do not filter, score every startup, and list the top ones
Joint3DShapeMatching - a fast approach to 3D model matching using MatchALS 3... - Mamoon Ismail Khalid
we extend the global optimization-based
approach of jointly matching a set of images to jointly
matching a set of 3D meshes. The estimated correspon
dences simultaneously maximize pairwise feature affini
ties and cycle consistency across multiple models. We
show that the low-rank matrix recovery problem can be
efficiently applied to the 3D meshes as well. The fast
alternating minimization algorithm helps to handle real
world practical problems with thousands of features. Ex
perimental results show that, unlike the state-of-the-art
algorithm which rely on semi-definite programming, our
algorithm provides an order of magnitude speed-up along
with competitive performance. Along with the joint shape
matching we propose an approach to apply a distortion
term in pairwise matching, which helps in successfully
matching the reflexive sub-parts of two models distinc
tively. In the end, we demonstrate the applicability of
the algorithm to match a set of 3D meshes of the SCAPE
benchmark database
Attempted implementation of the following paper:
" GOLFPOSE:GOLFSWINGANALYSESWITHAMONOCULARCAMERABASEDHUMAN
POSEESTIMATION
Zhongyu Jiang1⋆, Haorui Ji2⋆, Samuel Menaker2 and Jenq-Neng Hwang1
1Dept. Electrical & Computer Engineering , University of Washington
2SPORTSBOX.AI INC.
zyjiang@uw.edu, haoruij@sportsbox.ai, samm@sportsbox.ai, hwang@uw.edu
ABSTRACT
With the rapid developments of computer vision and deep
learning technologies, artificial intelligence takes a more and
more important role in sports analyses. In this paper, to at
tain the objective of automated golf swing analyses, we pro
pose a lightweight temporal-based 2D human pose estimation
(HPE) method, called GolfPose, which achieves improved
performance than the state-of-the-art image-based HPE meth
ods. Unlike traditional image-based methods, our temporal
based method, designed for efficient and effective golf swing
analyses, takes advantage of the temporal information to im
prove the estimation accuracy of fast-moving and partially
self-occluded keypoints. Furthermore, in order to make sure
the golf swing analyses can run on mobile devices, we op
timize the model architecture to achieve real-time inference.
With around 10% of the parameters and half of the GFLOPs
used in the state-of-the-art HRNet, our proposed GolfPose
model can achieve 9.16 mean pixel error (MPE) in our golf
swing dataset, compared with 9.20 MPE for HRNet. Further
more, the proposed temporal-based method, facilitated with
golf club detection(GCD), significantly improves the accu
racy of keypoints on the golf club from 13.98 to 9.21 MPE.
Index Terms— SportsAnalysis, HumanPoseEstimation,
Golf Swing, Line Segment Detection"
There is an increased global
awareness that a modern
economy cannot reach its full
potential without nurturing the
innovation of its entrepreneurs,
and that realization enhances
the prospects for venture capital.
I am very passionate about using investment strategies combined with leveraging political and
corporate support to create radical social transformation and new markets in the developing world.
Since past year I have been compiling a set of ideas that IF implemented with the right
partnerships - can turnaround the fate of any developing country.
Please note that in this document we take the example of Pakistan. However the thesis underlying
the suggestions embedded in this document holds true in the author's opinion for other
developing countries/regions as well. Some of the ideas listed here are inspired from my work of
consulting governments and large corporations across LatAm and China. In my years of being an
investor in the U.S venture capital industry, I have had the privilege to meet entrepreneurs, Venture
Capitalists, innovation thought leaders etc. from 50+ countries (Germany, UK, Israel, India,
Singapore,Turkey, France, China, Saudi Arabia, Dubai, Iran, etc. etc.). I can safely conclude that the
secret recipe to the success of U.S. economy and military might lies, to a major credit, in the
thought leadership and effective capital market of venture capital. Most smart countries I have
worked with have figured out tailored cross border investment strategies to be involved in the U.S
innovation ecosystem. Developing countries can learn from some these examples and replicate to
achieve great outcomes
Returnable Plastics Ecosystem
Latin America’s first returnable plastics ecosystem which recycle and replaces
the 100 billion plastics products used in El-Salvador and Vietnam every year.
This is a multi-phased solution which leverages to incentivize the average consumer to follow better sorting habits (particularly sorting organic and in- organic waste separately), towards the goal of being able to extract valuable waste items from the value chain in a manner that leads to cost savings compared to the status quo methodologies.
1) Partnerships with
ecosystem
stakeholders
(corporations, and government)
2) Sophisticated
technology (computer vision, RFIDs/QR
codes, sensor, networks)
3) Business model
Innovation
(reward mechanism for good
sorting habits among consumers)
Future of agriculture agriculture - technology is a necessity in 2020 and beyondMamoon Ismail Khalid
The pace of change is accelerating with technological advances, innovative business models, and changing consumer preferences. Many of the world’s leading industries are grinding to a halt as governments across the globe attempt to thwart the further spread of Covid-19. Industries that involve bringing large numbers of people together physically are bearing the brunt, including sporting events, restaurants, education, and tourism.
But there are a few that have been deemed essential to everyday life, including healthcare, emergency services, food manufacturing, and farming.
Researched improvements on increasing efficiency of organic solar cells by utilizing and modifying the Purdue University researchers NanoMOS MATLAB simulations
https://nanohub.org/resources/1305?rev=1
There are opportunities for blockchain in many facets of commercial real estate transactions including property and title searches, financing, leasing, purchasing and selling, due diligence, managing cash flows, and payment management, including cross-border transactions.
In this document we focus on the the use cases and merits as pertinent to raising capital via Digital Initial Public Offering.
Cohort analysis is an important analysis that VC can utilize to understand the LTV and expected revenue a e-commerce/subscription driven startup can expect to generate.
A compilation of all the articles and sources I have found useful to value early stage (including pre-revenue) startups.
Sources of compiled information:
• UpCounsel https://www.upcounsel.com/startup-valuation-methods
• http://billpayne.com/wp-content/uploads/2011/01/Scorecard-Valuation-Methodology-Jan111.pdf
• https://www.investopedia.com/terms/d/dcf.asp
• https://en.wikipedia.org/wiki/Cost_of_capital
• http://andrewchen.co/how-to-measure-if-users-love-your-product-using-cohorts-and-revisit-rates/
• http://www.perceptualedge.com/articles/guests/intro_to_cycle_plots.pdf
Detect Negative and Positive sentiment in user reviews using python word2vec ...Mamoon Ismail Khalid
detect Negative and Positive Sentiment in User Reviews_using Python word2vec model
libraries used:
Unsupervised training
from gensim.models.doc2vec import TaggedDocument
from gensim.models import Doc2Vec
from sklearn.neighbors import KNeighborsClassifier
from sklearn.ensemble import RandomForestClassifier
from sklearn.model_selection import cross_val_score
import numpy as np
workflows can be made my efficient by upto 80% in the early stage venture investing process using google APIs, App Script and few other softwares .
----------------------------------------------------------------------------------------------------------------------
Written, Ideated, Implemented by Mamoon Ismail Khalid | mik279@Nyu.edu
2. Background
Incident Summary
Failures
Solutions
Strategic (Long term) Solutions
Tactical (Short term) Solutions
ISO 27001
ISMS PDCA Model
NIST Overview
Information Security Management System
(ISMS) Framework
ISMS for ABC Corp.
Bibliography
3. Background
ABC Corp is a regular Retail Store with an online business
“The financial and reputational damage that can be inflicted on a retailer by a
major security breach can be so severe, and so destructive, as to approach the
financial and reputational damage a commercial airline might suffer from a
serious accident,”
- Mark Yourek, IBM’s Global
Retail Solution Lead
Here are some other statistics that highlight the role of a strong
security strategy in retail stores, especially ones with e-commerce platforms
as well.
• Almost one-tenth of retailers haven’t reported any cyber risks in
financial documents filed with the SEC since 2011.
• Only 9 percent consider outsourced vendors a potential threat source
• Less than 10 percent have purchased insurance to cover any cyber
exposures, accidental or otherwise.
• Almost half (49%) of retail companies cited the use of technical
safeguards as a chief remedy for cyber risk
- Source: Dark Reading, Report: Some Retail Firms Still Don't
Recognize Cyber Security Risks
In other words, retailers don’t seem that concerned about their cyber
security strategies. Not since attacks like the Target breach
came to surface. That is the reason we decided to study a hypothetical attack
scenario for a retail corporation with an online business. The following figure
illustrates some more statistics about the cyber-attacks to retail businesses
over the years.
4. Incident Summary
An ABC Corp. employee accidentally picked up a USB drive from the parking lot
and brought it to her workstation. She plugged it into her computer to check whether the
owner’s information could be found. Finding nothing, she handed the USB stick
to a helpdesk person, who has elevated access on his account.
When the helpdesk person plugged the USB drive into his computer, the virus,
named “Virus”, was copied to the servers and to all the workstations his
elevated access allowed him to reach. As a result, the malicious code
was able to check Active Directory for an old contract account, and
found that the account was still active. As is usually the case, the virus didn’t
activate right away; instead it stayed stealthy and was slowly and gradually
copied to all the POS systems. This slow, residual growth of the virus is
engineered so as not to arouse suspicion in the usual “signature-based”
security solutions that are employed by most corporations.
The malware script used the compromised machine as a pivot to launch the
exploit that attacked the database server, exploiting a SQL server
using a SQL injection attack tool. Now, whenever in-store customers swipe
their credit and debit cards on the store POS systems, the virus keeps the
records and outputs them to a file.
Magnitude of Incident:
• After three busy holiday shopping months, the attacker was able to
gather 20 million customers’ credit card information.
• This database was sent to overseas servers and later showed up on the
underground black market.
5. Attacker’s Pre-knowledge:
• Hacker found vendor name from garbage bin
• Discovered that Log files only go back 30 days
Current Controls
ABC Corp. is a major retail store selling consumer products both online and in
the store. As usual, customers use cash, credit and debit cards at the POS
terminals in store. The current controls in place to support ABC Corp.’s current
information security policy:
– Antivirus software installed on every machine
– Incident-triggered review policy
– “Signature-based” security solutions, which try to identify
known, malicious code patterns and block them
– Internet demilitarized zone (DMZ) for the online store
– Dedicated subnets for external-facing web servers
– Firewalls and router Access Control Lists (ACLs) for access controls
– Regular third-party penetration tests
– Database keeps online customers’ contact and payment
information
– Database encrypts credit and debit card numbers, but not user
names and contact information.
6. Failures
To understand the root causes of the attack, we would essentially have to look
at the:
Policy failures:
1) Failure to properly block USB/Media ports upon the discovery of the
breach
2) Lack of awareness on the employees’ part
3) Failure to install patches for SQL vulnerabilities on time
4) No expiration dates for user accounts – vastly expands the attack
exposure surface
5) User account with admin access
Design failures:
1) PCI systems share the same network subnet as the main network - PCI POS
systems were not segmented
2) External facing servers directly on public IP address
3) Elevated user accounts were not separated from regular accounts
4) The database server’s scheduled patch installs and updates were failing
with no further investigation as to why that was happening.
5) Log files only keep the past 30 days of data
6) USB/Media ports were not disabled on all workstations.
7) Outside vendor account still active after contract is over
8) Database structure flaws:
a. Tables weren’t normalized. Allowed for account information,
credit card transactions and order information to be compromised
easily
9) Web server code flaws
a. Didn’t use parameterized queries, which automatically encode data being
passed back to the database
b. No client or server side user input error handling present
c. Allowed unlimited login attempts
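The three web server code flaws listed above, shown side by side with their fixes. This is an added example and not code from ABC Corp. or the original document; the customers table, the e-mail pattern, and the lockout threshold and window are assumptions chosen for illustration.

```python
import re
import sqlite3
import time

# Assumed server-side input rule for this example: a plain e-mail address.
EMAIL_RE = re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}")


def make_db():
    """Build a constructed in-memory customer table (sample data only)."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE customers (id INTEGER PRIMARY KEY, email TEXT, name TEXT)")
    db.executemany(
        "INSERT INTO customers (email, name) VALUES (?, ?)",
        [("alice@example.com", "Alice"), ("bob@example.com", "Bob")],
    )
    return db


def lookup_concatenated(db, email):
    """Flaw 9a: the input is spliced into the SQL text and parsed as SQL."""
    query = "SELECT name FROM customers WHERE email = '" + email + "' ORDER BY id"
    return [row[0] for row in db.execute(query)]


def lookup_parameterized(db, email):
    """Fix for 9a: the value is bound as a parameter and only ever compared as data."""
    rows = db.execute("SELECT name FROM customers WHERE email = ? ORDER BY id", (email,))
    return [row[0] for row in rows]


def handle_lookup(db, email):
    """Fix for 9b: validate on the server and return generic errors, never DB details."""
    if not EMAIL_RE.fullmatch(email):
        return (400, "invalid e-mail address")
    try:
        return (200, lookup_parameterized(db, email))
    except sqlite3.Error:
        return (500, "lookup failed")


class LoginThrottle:
    """Fix for 9c: refuse further attempts after max_attempts failures per window."""

    def __init__(self, max_attempts=5, window=900, clock=time.monotonic):
        self.max_attempts = max_attempts   # assumed threshold
        self.window = window               # assumed window, in seconds
        self.clock = clock
        self.failures = {}                 # username -> failure timestamps

    def recent(self, user):
        """Drop failures older than the window and return the remaining list."""
        cutoff = self.clock() - self.window
        kept = [t for t in self.failures.get(user, []) if t > cutoff]
        self.failures[user] = kept
        return kept

    def allowed(self, user):
        return len(self.recent(user)) < self.max_attempts

    def record_failure(self, user):
        self.recent(user).append(self.clock())

    def record_success(self, user):
        self.failures.pop(user, None)


if __name__ == "__main__":
    db = make_db()
    hostile = "x' OR '1'='1"   # constructed input that changes the query's logic
    print("concatenated :", lookup_concatenated(db, hostile))
    print("parameterized:", lookup_parameterized(db, hostile))
    print("handler      :", handle_lookup(db, hostile))
```

The concatenated lookup returns every customer for the constructed input, while the parameterized one returns nothing because the whole string is treated as a single e-mail value.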
Solutions
Such breach incidents can be fatal to a business, even more so to an online
business. The solutions for recovering from such an incident can be broken into
tactical (short term) and strategic (long term).
Strategic (Long Term)
There needs to be a paradigm shift in the way retail businesses look at the
necessity of comprehensive cybersecurity and the implications of not having
it. On the technology side, there needs to be a shift in focus from the
old “signature”-based solutions, which are soon to be made obsolete by necessity,
to more “behavioural/analytics”-based solutions that employ big
data technologies to detect minor system anomalies that could potentially be
malware attacks.
• Continuous monitoring system – by both third-party vendors and
Information Technology/Information Security teams.
• Raise employee awareness training – There should be periodic
information security awareness seminars and awareness campaigns.
Information Security should be inculcated in the Professional
Development program (if there is any such initiative already in place).
CISOs need to stress the severity of a compromise to the employees,
and educate them to adopt a constant state of caution. The paradigm
needs to be shifted from an “if” to a “when”.
• Deploy Patch Management System – So software patches and security
updates are installed immediately. In most breach incidents, an instant
system update can result in a significant reduction of the attack exposure
surface.
• User access control – security on every click (multiple authentications)
and need-to-know basis policy
• Establish a comprehensive Incident Response procedure
• PCI DSS Compliance – Elevated access workstations must be segregated
from the other network. ABC Corp.’s network architecture design was a
violation of the Payment Card Industry Data Security Standard (PCI DSS)
• 3rd party security management, enforce expiration dates for all vendor
accounts.
• Periodical penetration test
• Investment in Analytics team
• Administration assets and databases should be made available only on
ABC Corp.’s internal network and completely removed from our public-facing
servers. Additionally, they must have a secondary authentication that
authenticates users with ABC Corp.’s internal Windows network
• Don't store sensitive data. "There is no reason to store thousands of
records on your customers, especially credit card numbers, expiration
dates and CVV2 [card verification value] codes. The risk of a breach
outweighs the convenience for your customers at checkout
• Layer the security- Add extra layers of security to the website and
applications such as contact forms, login boxes and search queries."
These measures will ensure that your ecommerce environment is
protected from application-level attacks like SQL (Structured Query
Language) injections and cross-site scripting (XSS).
• Monitor site regularly--and make sure whoever is hosting it is, too-
Tools like Woopra or Clicky allow you to observe how visitors are
navigating and interacting with your website in real time, allowing you to
detect fraudulent or suspicious behavior. They are capable of sending
out alerts to all personnel on the alert roster when there is suspicious
activity, allowing them to act quickly and prevent suspicious behavior
from causing harm.
• Also, make sure whoever is hosting the ecommerce site regularly
monitors the servers for malware, viruses and other harmful software.
Ask the current or potential Web host whether they have a plan that
includes at least daily scanning, detection and removal of malware and
viruses on the website.
• Perform regular PCI scans. Perform regular quarterly PCI scans through
services like Trustwave to lessen the risk of the ecommerce platform
being vulnerable to hacking attempts. If the company is using third-party
downloaded software (like Magento or PrestaShop), it must stay on
top of new versions with security enhancements.
• Patch the systems immediately- literally the day a new version is
released. That includes the Web server itself, as well as other third-party
code like Java, Python, Perl, WordPress and Joomla, which are favorite
targets for attackers.
Tactical (Near term)
We recommend that the CISO of ABC Corp. follow these best practices
for online retail businesses in dealing with cyber security threats:
To use the latest endpoint security solutions which base their data
collection on kernel-level integration:
CYBERREASON
AORATO
• Update employee training to raise user awareness.
• Dedicated subnet for PCI systems – This is a huge design flaw, and needs
to be re-engineered by the Information Technology/Information Security
teams.
• Third party penetration test to find vulnerability – for immediate
diagnosis of system vulnerabilities.
• Separate elevated access accounts from regular accounts.
• Introduce “Break Glass” policy – which allows for exceptional elevated
access to authorized people if admin access is needed in case of an
attack.
The CISO of ABC Corp. should introduce an information security strategy,
the doctrine of which should be centred on the following policies:
• Fixation on penetration prevention. Solution: Focus on the adversarial activity
that is going on within your network by the use of big-data analytics and
machine learning technologies.
• Accepting simple explanations. Solution: Always dig deeper. Security
events are not caused by error or accident. Every piece of evidence
should be over-analysed and malicious intent must always be
considered. Because your security teams cannot know all adversarial
activities, in a sense they are at a disadvantage; therefore, it is crucial for
the teams to over-investigate what they can see in order to reveal other
unknown and undetected connecting elements. Security teams must
always assume they only see half the picture, working diligently to
uncover the rest of the pieces of the puzzle.
Example of documents to use: system configuration logs, time logs,
intrusion detection logs, employee system usage logs, process
actions, file access information, network events and configuration
changes on the endpoints
• Striving for fast remediation. Solution: Leverage the known. Instead of
remediating isolated incidents as fast as possible, the security team
should closely monitor the known to understand how it connects to
other elements within the environment and strive to reveal the
unknown. For example, an unknown malicious process can be revealed if
it is connecting to the same IP address as a detected known malicious
process. Moreover, when you reveal to the hackers which of their tools
are easy to detect, hackers can purposely deploy, in excess, the known
tools to distract and waste the defender’s time.
• Focusing on malware. Solution: Focus on the entire attack. Although
detecting malware is important, solutions that mainly focus on detecting
isolated activity on individual endpoints are unable to properly combat
complex hacking operations. Instead, employ a more holistic defense.
Leverage automation - analytics and threat intelligence in particular - in
order to gain context on the entire malicious operation, as opposed to
just the code. Keep in mind that your adversary is a person and malware
is one of their most powerful tools, but one of many in their tool kits.
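The "leverage the known" pivot from the fast-remediation item above, written as detection logic over endpoint connection records. This is an added example, not part of the original document; the host names, process names and addresses are constructed, and the 10.0.0.0/8 internal range is an assumption.

```python
import ipaddress
from collections import defaultdict

# Assumption: the organization's internal address space. Internal destinations
# are shared by legitimate software, so they are not used as pivot points.
INTERNAL_NETS = [ipaddress.ip_network("10.0.0.0/8")]

# Constructed endpoint telemetry: (host, process, remote_ip).
CONNECTIONS = [
    ("pos-01", "svchelper.exe", "203.0.113.50"),
    ("pos-01", "svchelper.exe", "203.0.113.77"),
    ("pos-01", "svchelper.exe", "10.0.5.10"),
    ("pos-01", "posapp.exe", "10.0.5.10"),
    ("pos-02", "posapp.exe", "10.0.5.10"),
    ("pos-02", "updater32.exe", "203.0.113.50"),
    ("hd-ws-07", "svchelper.exe", "203.0.113.50"),
    ("hd-ws-07", "chrome.exe", "198.51.100.20"),
    ("db-01", "sqlagent_x.exe", "203.0.113.77"),
]


def is_internal(ip, nets=INTERNAL_NETS):
    """True when the address falls inside one of the internal networks."""
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in nets)


def pivot_on_known_bad(connections, known_bad, nets=INTERNAL_NETS):
    """Find processes that talk to the same external IPs as a detected process.

    known_bad is a set of (host, process) pairs that are already confirmed
    malicious. The result maps each newly suspected (host, process) pair to
    the shared external addresses that linked it to the known detection.
    """
    # Step 1: external destinations contacted by the known-malicious processes.
    pivot_ips = {
        ip for host, proc, ip in connections
        if (host, proc) in known_bad and not is_internal(ip, nets)
    }
    # Step 2: every other process, on any host, that contacts those addresses.
    suspects = defaultdict(set)
    for host, proc, ip in connections:
        if ip in pivot_ips and (host, proc) not in known_bad:
            suspects[(host, proc)].add(ip)
    return {key: sorted(ips) for key, ips in suspects.items()}


def affected_hosts(suspects, known_bad):
    """Hosts to scope into the investigation: known detections plus suspects."""
    return sorted({host for host, _ in suspects} | {host for host, _ in known_bad})


if __name__ == "__main__":
    known = {("pos-01", "svchelper.exe")}
    found = pivot_on_known_bad(CONNECTIONS, known)
    for (host, proc), ips in sorted(found.items()):
        print(f"{host:9} {proc:15} shares {', '.join(ips)}")
    print("hosts in scope:", affected_hosts(found, known))
```

Starting from one detection on a POS terminal, the pivot surfaces a differently named process on a second terminal, the same binary on a helpdesk workstation and an unknown process on the database server, while the POS application that shares only the internal database address is left out.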
ISO27001 Overview
In helping ABC Corp. draft their updated information security strategy, we
propose the use of ISO 27001. Why? Because it:
• Is the most widely recognized security standard in the world
• Is more flexible and comprehensive in its coverage of security controls
• Provides a process-centric Information Security Management System (ISMS)
Framework
• Addresses information security issues across industries
Information Security Management System (ISMS) Framework can be
illustrated by the figure below as essentially a 4 step framework.
13. ISMS PDCA Model
• PLAN: Define Security Policies and procedures
• DO: Implement and manage Security controls/process
• CHECK: Review/audit security management and controls
• ACT: Implement identified improvements, corrective/preventive actions
14. Implementation Approach
Phase I - Baseline Information Security Assessment
• Identify the scope and coverage of Information Security
• Assess the Current Environment
• Prepare baseline information security assessment report
Phase II - Design of Information Security Policy & Procedures
• Establish Security Policy, Organization & Governance
• Asset Profiling
• Risk Assessment
• Risk treatment (Identification of ISO27001 Controls & Additional
Controls)
• Formulate Information Security Policy & Procedures
• Prepare Statement of Accountability
Phase III - Implementation of Information Security Policy
• Implementation of Controls
• Security Awareness training
Phase IV - Pre Certification Audit
Review by Internal team
15. NIST Overview
NIST Architecture is centred on 5 steps:
- Identify
Develop the organizational understanding to manage cybersecurity risk
to systems, assets, data, and capabilities. The activities in the Identify
Function are foundational for effective use of the Framework.
Understanding the business context, the resources that support critical
functions, and the related cybersecurity risks enables an organization to
focus and prioritize its efforts, consistent with its risk management
strategy and business needs.
Examples of outcome Categories within this Function include: Asset
Management; Business Environment; Governance; Risk Assessment; and
Risk Management Strategy
- Protect – Develop and implement the appropriate safeguards to ensure
delivery of critical infrastructure services.
The Protect Function supports the ability to limit or contain the impact
of a potential cybersecurity event. Examples of outcome Categories
within this Function include: Access Control; Awareness and Training;
Data Security; Information Protection Processes and Procedures;
Maintenance; and Protective Technology.
- Detect
Develop and implement the appropriate activities to identify the
occurrence of a cybersecurity event. The Detect Function enables timely
discovery of cybersecurity events. Examples of outcome Categories
within this Function include: Anomalies and Events; Security Continuous
Monitoring; and Detection Processes.
- Respond – Develop and implement the appropriate activities to take
action regarding a detected cybersecurity event. The Respond Function
supports the ability to contain the impact of a potential cybersecurity
event. Examples of outcome Categories within this Function include:
Response Planning; Communications; Analysis; Mitigation; and
Improvements.
- Recover – Develop and implement the appropriate activities to maintain
plans for resilience and to restore any capabilities or services that were
impaired due to a cybersecurity event. The Recover Function supports
timely recovery to normal operations to reduce the impact from a
cybersecurity event. Examples of outcome Categories within this
Function include: Recovery Planning; Improvements; and
Communications.
In the following section, we will explain how the ISMS Framework, derived
from ISO 27001, can be used by ABC Corp. as they define their Information
Security Strategy.
Information Security Management System
(ISMS) Framework
1. Security Policy
2. Organization of Information Security
3. Assets Management
4. Human Resource Security
5. Physical and Environmental Security
6. Communications and Operations Management
7. Access Control
8. Information system acquisition, development and maintenance
9. Information Security Incident Management
10. Business Continuity Planning
11. Compliance
18. ISMS framework for ABC Corp.
• Revisit company policies on a periodic manner -- Security Policy
• Assemble an Information Security (IS) group with appointed IS officers
who would be responsible for the management and execution of daily
tasks and responsibilities required for the security systems and policies
to be enforced--Organization of Information Security
• Know where everything is, Dispose Assets properly, Maintain inventory
of physical and electronic assets-- Asset Management
• Awareness and training campaigns aimed at educating employees about
the security policy and its importance to the company. In the case of ABC
Corp., the employee should not have plugged the USB into her
workstation to discover its ownership. Neither should the helpdesk
person have. In addition to employee awareness, the CISO
must also implement Vendor Management steps, in order to make sure
the third party vendors whose services might be used by ABC Corp. (for
example, internet web hosting companies, outsourced data center and
help desk services, outsourced security solutions from third party
vendors) -- Human Resource Security
• Security Cameras must be installed and the corporate facility must be
secured. The attacker had access to ABC Corp. employee parking lot and
was able to use the garbage disposal to discover vendor name.
Corporate perimeters must be secured and budget must be allocated for
the hiring of security personnel. -- Physical and Environmental Security
• Monitoring the network. Segment PCI network from other subnets --
Operations Management
• Elevated access, separate role of duty, need-to-know vs role-based --
Access Control
• Process data correctly – Info. system acquisition, development and
maintenance
• Incident Response Plan -- Information Security Incident Management
• Business Continuity Planning (BCP), Public relation -- Business Continuity
Planning
• Federal, State, International - PCI DSS -- Compliance
1) Security Policy
Ensure information security functions are performed by groups.
Ensure adequate information security management and coverage.
Created to communicate to the organization how to use products
(infrastructure/ hardware, applications/software) to make certain there is
adequate information security.
An organization’s high level instructions
Computer security rules
Management’s directives or decisions on the use of
resources (e.g. email privacy policy.)
Not to be confused with the enforcement mechanisms
Benefits
Provides basis and guide for an organization’s security
program.
Establish commitment to the security program.
Benchmarks that can be used to track progress.
Ensure consistency within security program.
Provides a due diligence paper trail.
Basic Rules
Don’t conflict with the law.
Can stand up in court, if challenged.
Supported and administered.
Contribute to the success of the organization.
Shared and supported by management.
Formulated with input from end users of information
systems.
Policy: is a high level formal statement sanctioned by senior
management about the organization’s information security
philosophy and is used to drive the standards.
Standards: are more detailed statements as to what employees
must do to comply with policy.
Practices, procedures and guidelines: specify how employees are
to comply with policy.
Policy and Law
Policies must be secondary to law.
Policies should specifically state that the law overrides policy
if they differ.
Regulators can force organizations to follow policies.
Lawyers should review policies prior to dissemination.
o ISO 27001 policy framework
The following picture depicts how Policies drive Standards which
drive Practices, Procedures and Guidelines.
2) Organization of Information Security
Security Councils
Ensure information security functions are performed by
groups
Ensure adequate information security management and
coverage.
Coordinate and integrate the information security program
across major areas:
Share best practice methods, perform benchmarking and
actively work together on industry standards.
3) Assets Management
Prioritize assets based on quantifiable metrics that General
Management, Information Security and Information must all work in
congruence with each other to come up with. Securely dispose of assets
that are outdated or provide frivolous access points to a potential
attacker. In addition, when data files and physical transaction
receipts/files are being disposed of, they must be disposed of properly and it
must be made sure that nobody is able to access the information that is
disposed of. Employees must be trained about the importance of securing
their company issued assets like laptops, cell phones, tablets. They must
maintain an inventory for the electronic assets of the company so as to
keep track of them and also so that all the assets can be backed up when
an employee leaves the organisation.
4) Human Resource Security
Focus on the security controls needed to minimize the
information security and operational risks.
Conduct background checks of employees and companies
who are being used for outsourced solutions.
Utilize non-disclosure agreements as needed – to cover the
liability issue as well as to make sure that no sensitive
information is leaked from the inside.
Create and publish “Need-to-know” and “Need-to-have”
policies on information sharing.
Ensure “separation of duties” where appropriate – to
ensure that the organizational machinery is not too
dependent on any single person or department.
Actively administer user facility and systems access.
Utilize “role-based” access control systems.
Conduct user access reviews.
5) Physical Security
The figure above illustrates a labelling mechanism for categorizing the
access levels in the physical locations of the company office/headquarter
premises.
Physical Security refers to the Practices focused on strategies to protect
people, physical assets and the workplace from various threats.
Protect people, physical assets, and the workplace from
various threats, including fire, unauthorized access, and
natural disasters.
Physical security is at the foundation and core of the
“defense-in-depth”
Focuses on:
Security needs for equipment and services
Human resources required for physical security
Financial resources for physical security
24. Location of Facility:
Geological risks (seismic zones, flooding,
landslides)
Crime, political unrest, social unrest
Accessibility to facility
Review Documentation: check on the up-to-date
documentation
Check International/Industry Standards Compliance
Conduct Visual Walk-Through
Evaluate Physical Security Infrastructure
6) Operations Management
NIST Special Publication 800-137 – Information Security
Continuous Monitoring
Each manager in an organization, regardless of their affinity to one of the
following communities, must take tangible steps to reduce risk in the following
ways:
The general management should structure the IT department and the
Information Security strategy in such a way that they provide a defence
against an attack on the company’s information assets- like data,
hardware, software, people, procedures, reports, strategies.
IT management must work to serve the information technology needs of
the organization at large, and at the same time leverage the expertise of
the information security resources that have been made available to it.
Information Security management must work with diligence, skill and
professionalism in congruence with other departments and
organizational communities in order to balance the trade-offs between
information security and information utility
For any organization to manage its risk properly, the managers must be fully
aware of the information assets that are valuable to the organization, and how
information is stored, transmitted and processed. Risk is inherent in simple
organizational decisions like hiring, marketing products, internal/external
communication systems, and even in deciding the physical location of the
office building. These inherent risks include third-party risks (people,
processes, technology etc.).
All three communities must bear responsibility for the risk management and
assessment.
Information Security team: Since this team is the subject matter expert
and best understands the risks that are introduced by specific threats and
attacks, they must take the leadership role in third-party risk assessment.
Information Technology (IT): This team is responsible for building the
tools that safeguard a company’s valuable assets. They have to be very
mindful and educated about the risks that are posed to the organization
because of the specific technology loopholes and constraints of the
software solutions that the company has implemented. They must also
implement proper control mechanisms to monitor and control risk.
26. Management and users-at-large: This group, if well educated about the
importance of information security, often plays the role of first
layer in Detection and Response. They must also be responsible for
allocating enough resources (money and human resources) to the IT
and Information Security teams.
The Information Security Risk Assessment should revolve around the cyclic
steps listed below. Of course we could go into great detail about each of
the steps, but that would go beyond the scope of the project.
START
Evaluation of Risk controls
Determinations of cost-effectiveness of control options
Installation of the proper controls
Overseeing the controls
Identification of the risks
Assessment of the risks
Summarization of the findings
GO TO THE FIRST STEP
The threats that the cyclic steps proposed above should be looking out for are
time-varying and ever-evolving. However, some of the basic and ever-present
threats, as well as some new ones to look out for, are listed below:
• Human mistakes
• Intellectual Property
• Intentional trespassing
• Information extortion
• Actions aimed at sabotaging and destruction of assets
27. • Theft
• Software assault
• Natural calamities
• Compromising of quality
• Hardware malfunctioning
• Software failure
• Obsolescence of technology
7) Access Control
As discussed previously as well, access control policies include:
• Personnel with Elevated Access should be segregated from the
regular front facing IP domains.
• “Need to know” / “Role-based” Access Control Lists (ACL’s)
• “Security on every click” – multiple credentials login for secure
resources access
• Linux hardening through standardization using:
Standard Operating Environment (SOE)
Standard Operating Environment Management Platform
(SOEMP)
• Access Control managed centrally using platforms such as Centrify or
IdM.
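The user access review called for under Human Resource Security and the access control policies listed above can be automated along the following lines. This is an added example, not part of the original report: the role names, permissions, users and the 10.50.0.0/24 admin network are constructed assumptions, and "segregated" is interpreted here as elevated accounts being used only from a dedicated admin network.

```python
import ipaddress

# Constructed RBAC policy (hypothetical role and permission names).
ROLE_PERMISSIONS = {
    "ap_clerk": {"invoice:create"},
    "ap_approver": {"invoice:approve"},
    "db_admin": {"db:admin"},
    "helpdesk": {"ticket:write"},
}
# Separation of duties: no single user may hold both permissions of a pair.
SOD_CONFLICTS = [("invoice:create", "invoice:approve")]
# Elevated permissions may only be exercised from the admin network (assumed).
ELEVATED = {"db:admin"}
ADMIN_NET = ipaddress.ip_network("10.50.0.0/24")

# Constructed review input: assigned roles, the permissions the job actually
# requires ("need to know"), and the source address of the last login.
USERS = [
    {"name": "alice", "roles": ["ap_clerk", "ap_approver"],
     "needs": {"invoice:create"}, "source_ip": "10.20.1.15"},
    {"name": "bob", "roles": ["db_admin", "helpdesk"],
     "needs": {"db:admin"}, "source_ip": "10.20.1.40"},
    {"name": "carol", "roles": ["db_admin"],
     "needs": {"db:admin"}, "source_ip": "10.50.0.7"},
    {"name": "dave", "roles": ["legacy_admin"],
     "needs": set(), "source_ip": "10.20.1.9"},
]

def effective_permissions(roles):
    """Union of the permissions granted by every known role."""
    perms = set()
    for role in roles:
        perms |= ROLE_PERMISSIONS.get(role, set())
    return perms

def review(users):
    """Return (user, finding, detail) tuples for the access review."""
    findings = []
    for u in users:
        perms = effective_permissions(u["roles"])
        for role in u["roles"]:
            if role not in ROLE_PERMISSIONS:  # role missing from the central policy
                findings.append((u["name"], "unknown-role", role))
        for a, b in SOD_CONFLICTS:
            if a in perms and b in perms:
                findings.append((u["name"], "sod", f"{a} + {b}"))
        for p in sorted(perms - u["needs"]):  # granted but not needed
            findings.append((u["name"], "excess", p))
        if perms & ELEVATED and ipaddress.ip_address(u["source_ip"]) not in ADMIN_NET:
            findings.append((u["name"], "segregation", u["source_ip"]))
    return findings
```
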
28. 8) Information System Maintenance
• Process data with latest encryption standards. Example:
– AES for Wireless Communication
• Deploy a Patch Management System and install patches literally the day
they release a new version. That includes the Web server itself, as well as
other third-party code like Java, Python, Perl, WordPress and Joomla, which
are favorite targets for attackers.
"Breached sites are constantly found running a three-year-old version of
PHP or ColdFusion from 2007," says Pogue. So it's critical you install
patches on all software: "Your Web apps, Xcart, OSCommerce, ZenCart
and any of the others all need to be patched regularly."
• Third-party maintenance for all functions, including functions outsourced
to third-party services, e.g.:
– Database management
– Software development
– Web site hosting
Make sure whoever is providing these third-party services regularly
monitors the servers for malware, viruses and other harmful software.
Ask the current or potential Web host whether they have a plan that
includes at least daily scanning, detection and removal of malware and
viruses on the website.
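The patch-the-same-day guidance above can be checked against a software inventory, in-house or hosted by a third party, as in the following added example (not part of the original report). The inventory, version numbers, release dates and owner labels are constructed, and versions are assumed to be dotted numbers.

```python
from datetime import date

TODAY = date(2016, 6, 1)  # constructed review date

# Constructed inventory: what is installed, when that version was released,
# the newest available version and its release date, and who maintains it.
INVENTORY = [
    {"component": "wordpress", "owner": "in-house",
     "installed": "4.5.2", "installed_released": date(2016, 5, 6),
     "latest": "4.5.2", "latest_released": date(2016, 5, 6)},
    {"component": "webserver", "owner": "third-party host",
     "installed": "2.4.9", "installed_released": date(2015, 9, 1),
     "latest": "2.4.12", "latest_released": date(2016, 5, 25)},
    {"component": "php", "owner": "in-house",
     "installed": "5.4.0", "installed_released": date(2013, 1, 10),
     "latest": "5.10.2", "latest_released": date(2016, 5, 1)},
]

def parse_version(v):
    """Turn '5.10.2' into (5, 10, 2); as plain strings '5.10.2' sorts before '5.4.0'."""
    return tuple(int(part) for part in v.split("."))

def patch_report(inventory, today, max_lag_days=0, max_age_days=3 * 365):
    """List components whose available patch has gone unapplied too long.

    lag = days since the newest version was released while an older one runs.
    A component whose installed version is three or more years old is
    'critical'; anything else past the allowed lag is 'overdue'.
    """
    report = []
    for item in inventory:
        behind = parse_version(item["installed"]) < parse_version(item["latest"])
        lag = (today - item["latest_released"]).days if behind else 0
        age = (today - item["installed_released"]).days
        if lag > max_lag_days:
            severity = "critical" if age >= max_age_days else "overdue"
            report.append((item["component"], item["owner"], lag, severity))
    # Longest-unpatched components first.
    return sorted(report, key=lambda r: r[2], reverse=True)
```
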
29. 9) Incident Management and Business Continuity planning
(BCP)
Figure: Threat scenarios response
ABC Corp. should use:
Intrusion Detection and Prevention Systems (IDPS)
Log Management technologies and best practices
Threat modeling frameworks like:
STRIDE
DREAD
Trike
CVSS
OCTAVE
30. to come up with threat scenario responses:
Incident Reaction Planning
Disaster Recovery Planning
Business Continuity Planning
After an incident has occurred, the analytics and diagnostic tools must be run
to immediately report on the statistics of the breach and on how the business
is going to recover from it. Business Continuity Planning refers to a set of
procedures, policies and strategies for reaching out to the 20 million
customers whose information was stolen, and making sure that their loyalty is
retained. BCP for ABC Corp. includes reaching out to the customers, notifying
them, and assuring them that appropriate measures have been taken and that
the organization is doing everything possible to limit the extent of the damage.
Public Relations and customer retention teams must kick into action.
31. 10) Compliance
ABC Corp. must meet the following necessary information security-related
legal and regulatory compliance requirements.
State data breach notification
Forty-seven states, the District of Columbia, Guam, Puerto
Rico and the Virgin Islands have enacted legislation
requiring private, governmental or educational entities to
notify individuals of security breaches of information
involving personally identifiable information.
Security breach laws typically have provisions regarding
who must comply with the law (e.g., businesses, data/
information brokers, government entities, etc.); definitions
of “personal information” (e.g., name combined with SSN,
driver’s license or state ID, account numbers, etc.); what
constitutes a breach (e.g., unauthorized acquisition of data);
requirements for notice (e.g., timing or method of notice,
who must be notified); and exemptions (e.g., for encrypted
information).
Federal regulations
Federal Information Security Management Act (FISMA)
Gramm–Leach–Bliley Act (GLBA)
Health Insurance Portability and Accountability Act of 1996
(HIPAA)
Sarbanes–Oxley Act (SOX)
International standards
Payment Card Industry Data Security Standard (PCI DSS)
32. 11) Information Security Measures
Information security dashboards are used to measure the effectiveness of
security controls – both technical and managerial.
Benefits
• Increased Accountability
• Improve Information Security Effectiveness
• Demonstrate Compliance
• Provide Quantifiable Inputs for Resource Allocation
Decisions
Success Factors
• Strong Upper-Level Management Support
• Practical Information Security Policies & Procedures
• Quantifiable Performance Measures
• Results-oriented Measures Analysis
Roles and Responsibilities
• Agency Head / Chief Information Officer
• Senior Information Security Officer
• Program Manager/Information System Owner
• Information System Security Officer
• Additional stakeholders
33. 12) Security Testing
Security testing must be conducted on a regular basis, by both third party
services and by in-house information security (IS) and information technology
(IT) teams. The security testing must essentially be of three types:
Acceptance Testing
o User acceptance testing
o Operational acceptance testing (OAT)
o Contract and regulation acceptance testing
o Alpha and beta testing
Social Engineering
o Pretexting
o Diversion
o Phishing
o IVR/Phone Phishing
Penetration Testing – NIST Four Phases
o Planning
o Discovery
o Attack
o Reporting