33rd TWNIC IP OPM: Practical Incident Response & Threat Intelligence (APNIC)
APNIC Senior Security Specialist Adli Wahid gives practical advice on incident response and threat intelligence at the 33rd TWNIC IP OPM in Taipei, Taiwan, on 5 December 2019
My team and I were tasked with exploring viable startup ideas that AAA could develop into a $50-100 Million business within the next ten years. After conducting research and interviewing potential customers, we found there was a growing need for cyber-security insurance to assist public-sector companies in the case of a ransomware attack. We found the Total Addressable Market and identified several risky assumptions and designed an experiment to test these assumptions, refining and improving upon our idea as we progressed through the case.
This document discusses treating cybersecurity risks like public health issues by collecting and analyzing cyber threat data. It proposes adopting approaches used by Patient Safety Organizations (PSOs) that collect medical error data to identify risks. PSOs analyze error sources, propose prevention methods, and raise awareness. Similarly, the document argues, cyber risk intelligence programs should collect online data on cyber attacks, standardize it, analyze trends to manage organizational and supply chain risks, and educate stakeholders. It promotes the speaker's company, SurfWatch Labs, as providing a solution to bridge tactical cybersecurity and strategic insights through real-time healthcare cyber reports and samples.
A summary of the common, surprising, and concerning lessons learned from our validation meetings during the start up phase of our company.
The research is completely subjective, but represents common issues expressed regardless of industry, size, complexity, or perceived maturity.
Regulators and policymakers are increasingly concerned about cyber risks, as attacks are becoming more frequent, damaging, and potentially systemic. While financial institutions have focused on credit, market and liquidity risks, attention must also be paid to operational and cyber risks. Responding effectively to cyber threats requires more than just technical measures - organizations must improve cyber hygiene, culture, and agility. Most importantly, preparation is key - identifying threat scenarios, gradually building capabilities, and planning comprehensive incident response, so organizations are able to manage attacks and recover when they do occur.
The document discusses modern approaches to security risk assessment that improve upon common practices. It advocates estimating risks through calibrated expert judgment using techniques like measuring base rates, panel-based estimation, and risk calibration training. Risks should be expressed probabilistically using things like likelihood curves and Monte Carlo simulation to better reflect uncertainty. Tools like the risk universe model, bow-tie diagrams, and quantitative analysis can help operationalize the risk assessment process.
The document describes an experiment to test if children's favorite M&M colors would influence which colors they picked from a bowl. The hypothesis was that children would pick their favorite colors. Participants picked 20 M&Ms each with one arm behind their back. Their selections and favorite colors were recorded. The results showed people did not predominantly pick their favorite colors, failing to support the hypothesis.
Smart grid in the Critical National Infrastructure (Ollie Whitehouse)
A presentation from the IET's Cyber Security in Modern Power Systems held in Manchester, England in May 2015 on Smart grid in the Critical National Infrastructure.
Designing and building post compromise recoverable services (Ollie Whitehouse)
A look at how to design and build services, systems, networks, hosts and applications that are designed to be able to successfully deal with a security compromise.
The deck also touches on the topics of self-healing systems and potential applications of machine learning to the problem space.
NCC Group C Suite Cyber Security Advisory Services (Ollie Whitehouse)
This document discusses the importance of proactive cyber risk management for companies. It notes that executives must take a holistic approach to understanding cyber threats, implications for the business, and how to respond to incidents. It then provides an overview of the cybersecurity consulting services offered by NCC Group, including risk assessments, strategy development, incident response planning, and audits. The goal is to help organizations enhance their cyber resilience and ability to effectively manage risks and respond to threats.
A short presentation covering the important aspects of a software security assurance effort in agile development environments. Towards the end we provide tips on how it can work in the real world...
Why defensive research is sexy too.. … and a real sign of skill (Ollie Whitehouse)
This document discusses the importance and challenges of defensive cybersecurity research. It notes that while offensive research may be easier due to exploitable technology vulnerabilities, defensive research is important for protecting systems and data from attackers. Defensive research involves efforts like finding and mitigating vulnerabilities, developing detection and response capabilities, understanding evolving attack techniques, and improving security standards and implementations. The document outlines many open challenges in areas like phishing, malware, memory corruption, and forensics. It argues that to be successful, defensive ideas must be practical, scalable, cost-effective, and widely adopted. The rewards of defensive research are more intangible compared to offensive research, but are still very important for enhancing security.
From Problem to Solution: Enumerating Windows Firewall-Hook Drivers (Ollie Whitehouse)
This document describes how NCC Group developed techniques to detect and enumerate port knocking hooks on Windows Server 2003 hosts that were being used by the Shell Crew malware. They reverse engineered the Windows TCPIP.SYS driver to understand how firewall hook drivers work and identified how to retrieve the list of hooked functions from memory. This allowed them to create a kernel driver and Volatility plugin to detect the hooks on live systems and memory dumps. They also implemented the port knocking protocol to develop a network scanner. Their work helped with an incident response and provided tools to analyze compromised systems.
Secure App Aspirations: Why it is very difficult in the real world (Ollie Whitehouse)
This document discusses the challenges of developing secure applications in the real world. It notes that secure development practices like threat modeling and code reviews are difficult to implement properly due to lack of skills and resources. Specifically, it outlines issues like the high costs of secure development, difficulties conducting threat modeling across distributed teams, challenges keeping developers focused on code reviews, and risks from lack of source code visibility for third-party libraries and cloud services. The document concludes that while secure practices are important, true security can be difficult to achieve given real-world constraints faced by development teams.
This document discusses tactics for red team operations on Windows networks. It begins by covering techniques for gaining initial access and situational awareness, such as using PowerShell commands to enumerate users, computers, and network information. It then discusses abusing domain trust relationships and using PowerView to operate across trusts. Escalation techniques like PowerUp for privilege escalation and Mimikatz for token manipulation are also covered. The document discusses persistence methods like Golden Tickets and WMI. It finally covers techniques for locating and accessing file shares to retrieve sensitive information, using PowerView commands. The overall message is that while tactics remain the same, tools and implementations are continually evolving to facilitate red team operations.
The document discusses analyzing Windows binaries to identify weaknesses without access to debug symbols or source code. It describes checking the binaries for compiler/linker protections like ASLR, DEP, stack cookies; banned and dangerous API usage; .NET security settings; and defensive coding practices. The author then demonstrates their tool for performing this analysis on binaries, noting existing tools' limitations, and concludes some binaries may have lower defenses without symbol information.
Securing your supply chain & vicarious liability (cyber security) (Ollie Whitehouse)
This document discusses securing supply chains and evaluating third party risks. It introduces a cyber security maturity model for supply chains with five levels from immature to mature. Key points covered include information classification systems, assessing risks from third party suppliers, challenges around unencrypted media, and analyzing culture with suppliers. The best supply chains have a mature approach with defined security strategies, ongoing risk management, validation of standards, and overall cyber resilience.
NCC Group Pro-active Breach Discovery: Network Threat Assessment (Ollie Whitehouse)
NCC Group's Cyber Defense Operation team conduct pro-active network threat assessment exercises that help inform executives and their teams as to what exposure exists today. As part of an NCC Group NTA we pro-actively identify breaches, poor practices such as unencrypted protocol usage and unintended cloud service usage.
A presentation providing a high-level overview of the problems that organizations face with regards to cyber security and the available options to them.
Assuring the Security of the Supply Chain - Designing best practices for cybe... (Ollie Whitehouse)
A presentation given at the 2nd Annual Financial Services Cyber Security Summit in London. Looking at cyber security risk and how it has historically applied to the supply chain.
We present a maturity model, where the best or the rest are on it and how it can be applied.
Advanced Threat Protection: Lessons from a Red Team Exercise (Peter Wood)
Peter Wood is the CEO of First Base Technologies, an ethical hacking firm. He has decades of experience in cybersecurity. The document describes a red team exercise conducted by First Base against a client. It involved remote reconnaissance, spear phishing to steal credentials, and physical attacks on branch and head offices. The attacks were successful due to issues like unsecured computers and lack of visitor verification. The lessons highlighted weaknesses in the client's security controls that could be improved.
Practical Security Assessments of IoT Devices and Systems (Ollie Whitehouse)
This talk briefly discusses strategies and methodologies that can be employed when assessing IoT devices. We look at how to develop credible threat scenarios for different IoT devices and systems, perform static and dynamic attack surface mapping, perform static firmware analysis, perform static hardware analysis, undertake a dynamic device security analysis, sources of supporting information, supporting capability requirements and establishment, execution of dynamic device analysis and approaches around network protocol analysis.
A presentation given at the Glasgow Caledonian University, Digital Forensics Student Conference in 2014 discussing some of the technical challenges we face in cyber forensics and possible research areas.
Private sector cyber resilience and the role of data diodes (Ollie Whitehouse)
This whitepaper intended for enterprise architects and cyber security professionals looks at the role of data diodes in modern network design and operation.
Almost 70 years since the first computer bug was discovered, there has been decades of research done on Information Security theory and practice. Yet, despite vast amounts of money being spent, innumerable academic papers, mainstream media obsession, and entire industries being formed, we are left with the impression that the risk is growing, not receding. Why? Some argue a lack of data, but data clearly exists. We’re likely generating it, in some areas, faster than humans will ever be able to process it. Perhaps, after all of this effort, we’ve managed to box ourselves into metaphors and first principles that might be inappropriately constraining how we think about “Information Security Risk”. In fact, it’s worth noting that we can’t even agree if there is a space between “Cyber” and “Security” when it’s written out. This talk will take an anecdotal look at “Information Security Risk”, “What IS Cyber Security?”, and use that perspective to suggest areas of research that are either lacking or should be made more accessible to the markets, industries, and individuals driving risk management change. In an industry filled with data, perhaps an examination of empty space might be helpful.
The document summarizes an ICSA Technology Conference focused on cyber security that was held on Friday, November 4, 2017. The conference included chair remarks, discussions on building business confidence in cyber security, the evolving cyber threat landscape, ransomware and cyber extortion, and how to respond to a cyber security breach. Speakers addressed questions organizations have about current cyber risk levels and how to understand and address cyber threats through practical measures.
ISACA talk - cybersecurity and security culture (Craig McGill)
PwC's talented senior cybersecurity and infosec manager Ross Foley recently gave a great talk on the growing importance of security culture within infosec. Here are the slides to help raise awareness of this issue.
This document provides an overview of key concepts related to risk management, including definitions of risk, vulnerability, probability, and impact. It discusses approaches to assessing risk such as quantifying probability and impact, analyzing threats and vulnerabilities, and measuring the effectiveness of security controls. The document is authored by Phillip Banks and copyrighted by The Banks Group Inc., which provides risk consulting and security services. It references numerous standards and guidelines for risk and security management.
Brunswick Intelligence - Building reputational resilience to cyber attack (Brunswick Group)
Cybersecurity is a business critical risk not just an IT issue. The reputational damage of a cyber breach is often less than the technical damage inflicted, the money lost, or the regulatory fines. With new threats proliferating at startling speed how companies respond to an attack can be more important than the attack itself. The good news is that companies can seize this challenge to differentiate themselves from the competition and earn a greater level of trust from stakeholders.
Learn more about the four steps companies can take to build their reputational resilience to cyber attack.
This document discusses the growing threat of cyber attacks and the need for organizations to build cyber resilience. It notes that financial institutions in particular may have become distracted from cyber risks in recent years. The key issues outlined are that cyber attacks represent an undeclared war, failures can be silent, risk is challenging to analyze, and cyber risk is systemic. It defines cyber resistance as having secure design, mature controls, good risk decisions and other practices, while cyber resilience relies more on situational awareness, technical agility, and organizational readiness to solve problems. Building successful cyber programs requires addressing all of these aspects through specialist practices and developing capabilities ahead of standards.
Learn the five steps all businesses must follow to protect themselves from costly data breaches. This will be the first of a monthly series of educational webinars for small business leaders. Knowing is the first step in protecting your business.
Aceds 2015 Cybersecurity and the Legal Profession - NYC - April 7, 2015 (Joe Bartolo)
This document summarizes a presentation on cybersecurity risks for law firms and how to protect sensitive client data. The presentation covers:
1. Tips for preventing cyberattacks including having security plans, policies for employees and vendors, and implementing best practices.
2. The response required after a data breach, including activating an incident response plan, securing systems, notifying authorities and counsel, and conducting forensics.
3. Different legal obligations for law firms compared to corporations after a breach in terms of state breach notification laws and preserving attorney-client privilege.
Connecting the Dots Between Your Threat Intelligence Tradecraft and Business ... (SurfWatch Labs)
Threat intelligence needs to be in a language the business understands. SurfWatch Labs can help connect cyber threat intelligence to business operations in order to help manage cyber risk.
1. The document summarizes an interview with Malcolm Harkins, Chief Security and Trust Officer at Cylance, about preventing malware infections and how organizations struggle to keep up with prevention methods and identifying risks.
2. Harkins notes that organizations suffer from alert fatigue and are unable to keep up with the constant "whack-a-mole" of security issues. He suggests deploying lightweight prevention agents that can work both online and offline.
3. When asked about how customers struggle, Harkins says they need solutions to reduce risks, lower security costs, and decrease friction between security and business operations. Most organizations find it difficult to continuously manage all the new technologies, software, and third parties joining
ISO/IEC 27032 vs. ISO 31000 – How do they help towards Cybersecurity Risk Man... (PECB)
Organizations need to implement a risk management strategy in order to mitigate, and whenever possible, eliminate cyber risks and threats.
ISO/IEC 27032 and ISO 31000 combined help you to manage cyber risks.
Amongst others, the webinar covers:
• ISO/IEC 27032 vs. ISO 31000
• IRTVH Assessment Framework
Presenters:
Sherifat Akinwonmi
Sherifat is a Cyber Security professional with over 12 years of experience across diverse industries including Agriculture, Oil & Energy Services, Pharmaceuticals, Financial and IT services.
She is part of the top 20 Canadian Women in Cybersecurity – ITWC. She is also a Business Information Security Officer (BISO) with one of the top banks in Northern America.
Sherifat is member of several boards including the Advisory Board for Canadian Women in Cybersecurity, Girls & Women Technological Empowerment Organization (GWTEO).
She has a great passion and interest in enabling women in their professional careers. She volunteers her time mentoring young people to launch their careers in Technology and supports the less privileged.
Geary Sikich
Geary Sikich is a Senior Crisis Management Consultant at Health Care Service Corporation (HCSC). Prior to joining HCSC, Geary was a Principal with Logical Management Systems, Corp., a management consulting, and executive education firm with a focus on enterprise risk management, contingency planning, executive education and issues analysis. Geary developed LMSCARVER™, the “Active Analysis” framework, which directly links key value drivers to operating processes and activities. LMSCARVER™ provides a framework that enables a progressive approach to business planning, scenario planning, performance assessment and goal setting.
Prior to founding Logical Management Systems, Corp. in 1985 Geary held a number of senior operational management positions in a variety of industry sectors. Geary served in the U.S. Army; responsible for the initial concept design and testing of the U.S. Army's National Training Center and other related activities. Geary holds a M.Ed. in Counseling and Guidance from the University of Texas at El Paso and a B.S. in Criminology from Indiana State University.
Geary has developed and taught courses for Norwich University, University of Nevada Reno, George Washington University and University of California Berkeley. He is active in Executive Education, where he has developed and delivered courses in enterprise risk management, contingency planning, performance management and analytics. Geary is a frequent speaker on business continuity issues and business performance management.
Date: October 12, 2022
Chinatu Uzuegbu is a managing cyber security consultant with over 20 years of experience in IT and 10 years in cyber security. She holds numerous cyber security certifications and has advised organizations on proactively combating cyber crimes. She recommends identifying information assets, classifying them by value through impact analysis, understanding multi-layered security concepts like the CIA triad and security controls, performing risk analysis to determine ideal controls, and maintaining security baselines in line with standards to remain resilient against threats.
Banning Whining, Avoiding Cyber Wolves, and Creating WarriorSandra (Sandy) Dunn
The document discusses how to build an effective security awareness program by empowering and engaging employees rather than intimidating them. It advocates treating employees as "cyber warriors" rather than victims by providing them with the right information and tools to help defend the organization from cyber threats. Some key points made include: focusing on employee engagement; using "nudging" tactics rather than scare tactics to motivate better security behaviors; tailoring the message to different audiences; and measuring the impact of the program through before-and-after baselines. The goal is to change employee mindsets around security and turn intimidated, confused workers into empowered protectors of organizational data and systems.
Advanced Cybersecurity Risk Management: How to successfully address your Cybe...PECB
Main points covered:
• Understanding the inverted economics of cyber security, the incentives for cyber crime and its effect on the growing threat
• Inefficiencies with the traditional approaches to cyber risk assessment and why we are not making more progress in enhancing cyber defenses
• Resetting roles and responsibilities regarding cyber security within organizations
• Developing empirical, cost-effective cyber risk assessments to meet the evolving threat
Our presenter for this webinar is Larry Clinton, the president of the Internet Security Alliance (ISA), a multi-sector association focused on Cybersecurity thought leadership, policy advocacy, and best practices. Mr. Clinton advises both industry and governments around the world. He has twice been listed on the Corporate 100 list of the most influential people in corporate governance. He is the author of The Cyber Risk Handbook for Corporate Boards. PWC has found the use of this Handbook improves cyber budgeting, cyber risk management and helps create a culture of security. The Handbook has been published in the US, Germany, the UK and Latin America. He is currently working on a version for the European Conference of Directors Associations as well as versions for Japan and India. Mr. Clinton also leads ISA's public policy work built around their publication “The Cyber Security Social Contract”, which the NATO Center of Cyber Excellence in Estonia asked for a briefing on.
Recorded Webinar: https://www.youtube.com/watch?v=8qVtoqi37X8
Priming your digital immune system: Cybersecurity in the cognitive eraLuke Farrell
Learn how cognitive security may be a powerful tool in addressing challenges security professionals face.
New capabilities for a challenging era
Security leaders are working to address three gaps in their current capabilities: in intelligence, speed and accuracy. Some organizations are beginning to explore the potential of cognitive security solutions to address these gaps and get ahead of their risks and threats. There are high expectations for this technology. Fifty-seven percent of the security leaders we surveyed believe that it can significantly slow the efforts of cybercriminals. The 22 percent of respondents who we call “Primed” have started their journey into the cognitive era of cybersecurity; they believe they have the familiarity, the maturity and the resources they need. To begin the journey, it is important to explore your weaknesses, determine how you want to augment your capabilities with cognitive solutions and think about building education and investment plans for your stakeholders.
This document summarizes a presentation on cybersecurity risk governance. It discusses the high degree of risk boards face from cyber attacks, noting a large increase in ransomware attacks and payments in 2020. The ransomware threat is very high. Public sectors are primary targets due to weaker defenses from budget pressures. Cyber attacks can cause privacy failures, reputational problems, high response costs, and civil liability. The presentation then provides an overview of key cybersecurity concepts for boards like asset management, defense in depth, and the NIST Cybersecurity Framework. It examines how boards can provide oversight in each framework area such as identifying critical data and access controls for protecting information.
Red Teaming and the Supply Chain
1. Red Teaming and the Supply Chain
.. proportional red teaming assessments of the supply chain
NCC Group Security Assurance Europe
2. But first…
"We may be at the point of diminishing returns by trying to buy down vulnerability"
"maybe it's time to place more emphasis on coping with the consequences of a successful attack, and trying to develop networks that can 'self-heal' or 'self-limit' the damages inflicted upon them"
Gen. Michael Hayden (USAF-Ret.) ex NSA and CIA head
February, 2012
3. Today’s common approach to cyber
• Governance & compliance
• Risk strategy and management
• Education
• Technical discovery, measurement and validation
• Management
• Technical counter measures
• Security operations
• Response
4. Today’s common problems with cyber
We have data… we struggle to get information
We have risk models …we struggle with accuracy
We have technical counter measures … we have people
We have finite resource!
15. Red Teaming & Defense: Reality…
We often only need one control failure or mistake to gain
an internal foothold
.. then we are an insider! ..
16. Red Teaming: Provides Insight
• Is education / security culture effective?
• Are the technical counter measures working?
• Can your security operations detect?
• How does your incident response work in reality?
• Are the risk models accurate?
.. proportional to attacker profile/capabilities
18. Red Teaming: Supply Chain Insight
• Are they capable as they say they are?
• Are they doing what they say they are?
• Is my exposure what I expect it to be?
• Can I detect misuse?
… plus the other insights
19. Today’s Cyber Risk Reality
• We often look at ‘things’ in isolation
• We rarely consider subtle interplays or interconnects
• Supply chains work due to pooled aggregated effort
• Real-world cyber security is more nuanced than our models reflect
… it’s hard ...
20. Our Most Mature Clients' Concerns..
Confidence they are getting information from their data
.. thus not being able to feed their risk models
.. thus not understanding their true exposure
.. thus not having confidence in their ability to detect
.. thus wavering on their ability to respond
.. thus concern risk/exposure/liability is excessive
.. thus poor ROI from current spend
21. ..
Red teaming is a real-world end-to-end assessment
with scaled representative threat attacker capabilities
Red teaming the supply chain can be the next step on the
maturity model for some organizations
NCC Group continues to invest heavily to facilitate
Threat/Open Source Intelligence – ex police and government team
Piranha – phishing platform
Hive – command and control
EDG – exploit development group and implant development
22. Closing Thoughts..
2015 Information Security Breaches Survey
https://www.gov.uk/government/uploads/system/uploads/attachment_data/file/432413/bis-15-303_information_security_breaches_survey_2015-executive-eummary.pdf
23. Europe
Manchester - Head Office
Cheltenham
Edinburgh
Leatherhead
London
Milton Keynes
Amsterdam
Copenhagen
Munich
Zurich
North America
Atlanta
Austin
Chicago
Mountain View
New York
San Francisco
Seattle
Australia
Sydney
Thanks! Questions?
Blog:
https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/
Twitter:
@NCCGroupInfoSec
Ollie Whitehouse
ollie.whitehouse@nccgroup.trust