ICSA Technology Conference:
focus on cyber security
Friday 4 November, 2017
Join
the conversation
@ICSA_News
#ICSATechConf
Chair’s opening remarks
Mark Child, Managing Director
GLE Consulting Limited
Building business confidence
Cyber Security
The ICSA Technology Conference 2016
ICSA: THE GOVERNANCE INSTITUTE 4TH NOVEMBER 2016
Cyber security – everyone’s pet subject
• Undoubtedly the topic of the moment
• But, is it anything new?
• How worried should we really be?
• How, in practical terms, do we understand and tackle ‘cyber
threat’?
Questions…
“What are we doing
about Cyber?” “Can we be
hacked?”
“What is our current
level of Cyber risk?”
“Should we be
doing penetration
testing?”
“Can’t we just take
out insurance?”
It’s an opportunity for the authorities too
“The biggest threat to the UK way of life will
come from cyber terrorism rather than
traditional attacks on cities and people”.
David Blunkett
“If the US government does not improve
cyber defences, we will leave our nation and
our economy vulnerable".
Barack Obama
“Cyber security is a Tier 1 threat to the
nation and has become a strategic risk
management issue for all organisations.”
MI6
Hardware and software vendors…
…are never blind to a sales and
marketing opportunity either!
Threat landscape
• Main themes over the last year.
• The risk landscape is dynamic and continuously evolving.
• Cybercrime in Financial Services is the domain of organised criminals -
focussed on monetising their technical advantage.
• Ransom-ware
• Phishing
• Data theft
• Wire-fraud (and ‘whale phishing’)
• Smaller organisations are just as likely to be in the firing line as large
firms. Their relative lack of resources means that they are easier to
compromise and exploit.
• Increased reliance on third party suppliers – a significant hidden
security risk.
• The threat therefore remains real, current and relevant to all.
Threat landscape – The global state of information security survey 2015
Threat landscape – global
Implementation of key security safeguards
Threat landscape – global
Ransomware and cyber extortion
Martin Lee
Technical Lead, Security Research Team
Lead, Talos Outreach EMEA, Cisco
Martin Lee
Technical Lead Security Research
Digitisation of Crime
Acquisitive Crime
“The Conjurer”
Hieronymus Bosch c.1480
Cyber Crime Business Model – what a compromised system is used for:
• Steal CPU cycles – mine bitcoins
• Steal bandwidth – DDoS, send spam
• Steal data – credential theft, identity theft
Ransomware - A New Model
Ransomware Rogues Gallery
AIDS Trojan – Date: Dec 1989; Spread: Diskette; Ransom: $189 (by post); Encryption: Symmetric (file names only)
Ransomware Rogues Gallery
Reveton – Date: May 2012; Spread: Exploit kits (web); Ransom: $200 by Ukash, Bitcoin; Encryption: various
Cryptolocker – Date: Sep 2013; Spread: Email; Ransom: $400 by Ukash or Bitcoin; Encryption: RSA-2048 bit, including network drives
Cryptowall 2.0 – Date: Sep 2014; Spread: Malvertising; Ransom: $500 or bitcoin; Encryption: RSA-2048 bit
Locky – Date: Feb 2016; Spread: Email; Ransom: $300 - $400 (Tor, Bitcoin); Encryption: RSA-2048 + AES-256, including network drives; also a web site version
Angler EK - The Money
Distribution: Zepto (spam); malvertising
Malvertising on a major news site: 26 domains, 39 hosts, 171 objects, 557 connections
Angler EK Infection Demo
SamSam – March 2016
Attack chain: scan for JBoss vulnerability → install web shell → expand presence on network → install SamSam malware → encrypt files & demand payment
SamSam – March 2016
Vulnerable systems: 3.2 million ‘at risk’ machines
Scan for JBoss vulnerability: CVE-2010-0738
Install web shell: 2100 installed web shells
A Future Ransomware Model
• Establish initial access
• Escalate privileges
• Identify critical systems
• Install ransomware
• Collect payment
• Scan for vulnerabilities
Maximising lost value for the victim
Minimising costs for the attacker
www.talosintelligence.com
blog.talosintel.com
@talossecurity
martinle@cisco.com
Incident response: what to do in
the event of a cyber breach
Mark Child, Managing Director and
Neil May, Senior Manager, Technology Risk
Management
GLE Consulting Limited
What To Do In The Event of A
Cyber Breach
Incident Response
ICSA: THE GOVERNANCE INSTITUTE 4TH NOVEMBER 2016
You might be feeling a bit like this…
Rabbit in the headlights!
Or, depending on your board…
Possibly like this.
The big question is …
Is this really an entirely new threat that
we are facing?
Our view
But, there are some trends:
― We are noticing more and larger breaches.
― Breaches and data leaks are making the news – there is public, media and regulatory interest.
― The criminals are getting smarter.
The threat is NOT new.
‘Cyber’ is a convenient label for
information risk in the 21st Century
Our view – how do we respond?
Pursue a strategy of defence-in-depth
Avoid our historic fixation on ‘the perimeter’
This is not a purely technical problem.
The solution is not necessarily a technical one.
Technical controls remain key.
The weakest links are likely to be:
Your people
Your third party suppliers & partners
Summary
― ‘Cyber threat’ is nothing new – in our view!
― But it is serious.
― Target defence in depth.
― Staff, contractors and suppliers are now your weakest link.
― Get back to basics on information governance
― Apply technology solutions intelligently to support & enable.
History quiz
History quiz
Just how successful was it?
Not very
successful at
all!
Perception versus reality
We think we are building this…
But we have potentially built this…
Case studies – poor practices
― October 2015
― Cause: Simple (and old) technical exploit (executed by a 15 year-old boy)
― Immediate result: 150,000 customer records stolen (over 15,000 full bank details)
― Incident/crisis management extremely poor:
― CEO unprepared & poorly briefed
― Scope of breach massively over-estimated
― Response ill-judged (500,000 customers given ‘free upgrade’)
― Impacts:
― REPUTATION – Lost 95,000 customers in year 1
― FINANCIAL – Current financial cost estimated at £60m
― REGULATORY – Formally sanctioned by ICO (Fined 400k)
Case studies – insider threat
― December 2014
― Cause: Malicious software deployed via ‘phishing’ attack used to obtain IDs and passwords
― Politically motivated
― Immediate result: 100 terabytes of data stolen (the whole of the “.co.uk” domain is only 68 TB)
― Data included entire movies, financials, staff data, salary data, email records
― Data posted on the internet for download
― Impacts:
― REPUTATION – Deputy CEO forced to resign due to damaging email content
― FINANCIAL – Current financial cost estimated at $15m (impact reduced by
insurances and managed legal response).
Case studies – third party
― Spring 2014
― Cause: Security compromise at third party AirCon and Ventilation contractor – access gained
to Target’s network.
― Immediate result: 70m customer records and 40m credit card records harvested across
1,797 stores over extended period
― Data downloaded by criminals in Russia.
― Impacts:
― FINANCIAL – Current financial cost to Target estimated at $61m (Industry-wide costs estimated at
$200m)
Get back to basics
― It’s not just about the enemy at the gates (i.e. the perimeter)
― The perimeter is hard to define these days
― We cannot rely solely upon prevention – our detection and response capability must improve.
We need to take the threat seriously.
Get back to basics
― Technology and tools of the highest quality can be undermined by weaknesses in basic
security practices.
― Or by a flawed corporate culture.
― Cyber/Information risk is a problem for the entire business to resolve – not just IT!
― Today’s cyber criminals recognise this and exploit it by adopting a range of approaches which
step away from the purely technical and exploit weaknesses in the way that organisations
manage, control and interact with their information.
― A full frontal assault is unlikely to be profitable – an attacker will target compromise from the
inside. And they can be very patient.
Get back to basics
Fundamentally, addressing the Cyber Threat means going back to basics, looking again at your
organisation and the controls you already have:
― Understanding your people – what threats do they pose? After all there is no patch for
stupidity!
― Understanding your organisation’s information, where it is and how it is used.
― Identifying the main risks to physical and information assets.
― Ensuring that the right measures are adopted to mitigate risk to within acceptable levels –
balancing cost versus risk.
Get back to basics – governance foundations
Unless the foundations of good information and security governance are working well, any
investment in security technology will most likely be wasted. Fundamental areas for focus are:
― Staff security training and awareness.
― Robust oversight and management of third party suppliers
― Software & hardware patch management
― Intelligent management & admin of user access.
― Clear policies on security, acceptable system use and social media.
People. Process. Tools. In that order!
Get back to basics – making it work
For effective and sustainable governance:
― Setting, maintaining and continuing to evolve the “tone at the top”.
― Monitoring of information risk management by the Board of Directors.
― Ongoing, practical and relevant awareness training.
― Independent assurance.
― Regular, risk-based security testing. Inside and outside the perimeter.
What happens if a security breach occurs?
― If a security breach occurs, organisations that follow clearly documented plans to reduce the
impact of the breach have a much better chance of staying out of the law courts and avoiding
punishment.
― Most organisations unfortunately don't have good systems for actually managing the
problem. If a breach occurs, the law is really concerned with your behaviour at that point in
time. You can't unravel the past and pretend the breach didn't occur; it's what you do from
that point on that will determine your culpability.
― On top of having well documented systems and procedures, organisations need to have
clearly defined actions for dealing with a breach and limiting the damage to those affected.
This is likely to involve multiple disciplines that could include information security specialists,
IT resources, a PR agency, legal advice and credit reporting services.
― If you adopt an honourable stance from the outset, doing the right thing at the right time, then
your legal team is in a very strong position to defend you to the regulator, arguing that you're
not the kind of organisation whose profile warrants the full force of the law, and therefore
the punishment.
How to protect organisations from security breaches
― Take some basic steps to "build a protective shield”, most notably:
― Build a single unified security policy
― Ensure information security forms part of any contract initiation
― Make security part of the process when any project is initiated
― Employee adequacy – ensure you have processes for handling new employees, changes of job, and
for employees exiting the company; show that they were made aware of security requirements
― Third-party assurance – have processes in place to guard information held by third parties
― Culture – have a managerial structure in place that demonstrates a chain of responsibility for handling
security and reporting errors
― ‘Tone at the top’
― Shared ownership of good practices
― Openness & transparency – continuous improvement
State of the Nation – addressing Cyber Risk
Four golden rules our plan is founded upon
― Get the basics right: over 75% of attacks exploit failures to put in place basic controls.
― Look after the crown jewels: you have to prioritize where you spend your money to defend yourself, so build a fortress around your most critical asset.
― Do your homework on your enemies: invest in understanding who might attack you, why and how, so that you can anticipate the most likely scenarios and defend those assets that are most likely to get attacked.
― Treat cyber risk as an opportunity to look closely at your business: security and resilience can affect nearly every part of an organization. Strategies to protect IT security and business resiliency should align with an organization’s broader goals – from protecting intellectual property to maximizing productivity to finding new ways to delight customers.
Solving the big ‘Board reporting
problem’ in cyber
Jon Hawes, Security Intelligence Strategist,
Panaseer
Cyber security insurance
Graeme Newman, Chief Innovation Officer
CFC
Tackling the insider threat
Garath Lauder, Director, Cyberseer
Ted Plumis, Vice President of Channels
and Corporate Development, Exabeam
Social engineering: the art of the
con
Rob Shapland, Penetration Testing Team
Manager, First Base Technologies
Cryptography Basics
Dr David Weston, Lecturer in Computer
Science and Information Systems
Birkbeck University of London
Tokens, Honeypots, Identification
Authorisation Services
Ray Dalgarno, Director, CYBERCAST
Trust with “THIS”
Tokens,
Honeypots,
Identification Authorisation Services;
The Confluence
Agenda
Warfare
Attack Surface, Attribution, Residency, Deniability
Honeypots & Tokens
Identification and Authorisation
Conclusion
Warfare
Security through obscurity –
the reason the armed forces adopt camouflage
NHS Cyber Attacks – The Telegraph 1st Nov 2016
“…hacking is "no longer the stuff of spy thrillers and action
movies" but a clear and present threat…”
“…Ben Gummer, minister for Cabinet, says that "large
quantities of sensitive data" held by the NHS and the
Government is being targeted by hackers…”
“…Ministers will also unveil a Cyber Security Research Institute,
a "virtual collection of UK universities" which will work towards
making passwords obsolete…”
Cyber Fraud
“…Online fraudsters stole £10.9bn in the UK last year…”
“…39% (of respondents), questioned by “Get Safe Online” said
they were a victim of cybercrime, but did not report it…”
“…53% received phishing messages…”
Extract from The Telegraph 20th October 2016
Cyber Crime is a War Zone
“Rouse him, and learn the principle of his activity or inactivity. Force
him to reveal himself, so as to find out his vulnerable spots.”
“If you know the enemy and know yourself you need not fear the
results of a hundred battles”
- Sun Tzu, Military General, Strategist & Philosopher, 5th Century
BC, China
Deception is a powerful, effective, but under-utilised tool –
(at least by defenders)
Full range of “effects” on adversaries possible through deception
Deception Effects - Attacker & Defender
Effect | Attacker’s use | Defender’s use
Fail to observe | Prevent the defender from detecting the attack. | Prevent the attacker from discovering their target.
Reveal | Trick the defender into providing access. | Trick the attacker into revealing their presence.
Waste time | Focus the defender’s attention on the wrong aspects of the incident. | Focus the attacker’s efforts on the wrong target.
Operation Mincemeat - 1943
Successful British disinformation plan
during the Second World War to cover
the invasion of Italy from North Africa.
To convince the Germans that, instead
of attacking Sicily, the Allied armies
would invade Greece.
This was accomplished by persuading
the Germans that they had, by
accident, intercepted "top secret"
documents giving details of Allied war
plans.
Attack Surface, Attribution,
Residency, Deniability
From the living room to the boardroom
Attack Surface
From ordinary consumers, to a single-office business, through
the regulatory bodies, to the national and global giants
The environment dictates the approach – no “Silver Bullet”
Layered security – combining multiple mitigating security
controls to cost effectively protect resources & data
Attack Attribution
At which point in the attack do you realise that you have been
hacked?
• TalkTalk, DNC, Yahoo
There are very few “smoking guns” visible
Attacks that often begin with broadly targeted phishing, that can
introduce & run new binaries on victims’ networks, & that
connect to random internal hosts using exfiltrated credentials,
can still remain hidden for a year
Examples of Global IT Vendors’ Vulnerabilities
Microsoft
• Microsoft August (2016) Patch Tuesday included five updates rated
critical out of a total of nine, bringing the number of patches for the
year-to-date to 103
SAP
• There are vulnerabilities in almost every SAP module; CRM, EP, and SRM
are leaders among them (ERPScan SAP Cyber Threat Report 2016)
Oracle MICROS (and others)
• In total, more than one million PoS terminals around the world could be
at risk, should the attacks prove to have been deeper than the
companies are currently publicly admitting (Computing, Aug)
Dwell Time/Residency
Mandiant reported that attackers on average lurked on a
network for 205 days before being discovered¹
Microsoft recently reported they place the number at more
than 200 days to detect a security breach and 80 days to contain
it²
1. https://www2.fireeye.com/rs/fireye/images/rpt-m-trends-2015.pdf
2. https://blogs.windows.com/windowsexperience/2016/03/01/announcing-windows-defender-advanced-threat-protection
Plausible Deniability & Malware Intrusion
Plausible deniability refers to circumstances where a denial of
responsibility or knowledge of wrongdoing cannot be proved
true or untrue due to a lack of evidence proving the allegation.
It is a basic law for the cheat and the deceiver: be able to offer up
an excuse that cannot be disproved easily and that makes sense
for the situation.
Trickle-down Effects
Trickle-down is accelerating in cars: yesteryear’s top-end innovations
eventually migrate through the models, becoming standard options in
lower-priced vehicles
This pattern of innovation holds true in virtually every field, including
cyber security
Malware as a Service (MaaS) – moving from the heavily funded
specialist cyber experts down into the mass market
MaaS is now commonly available at very low cost through the darknet and
networks such as Tor and I2P
Honeypots & Tokens
Evolution Mimicry
Honeypots
Venus Flytrap in Action
(triggered honeypot)
Trojan Horse (passive honeypot): built by the Greeks, used to enter the
city of Troy and win the 10-year Trojan war – a 4th Century story
Cartography: A trap street (passive
honeypot) is a fictitious entry in the
form of a misrepresented street, for
the purpose of "trapping" potential
copyright violators
Tempting – moneypot: “All mine……….” Ooops!
Honeypot Principle
Focus on detecting threats
• Here, we’d like to know immediately when someone has broken into the network and is in
places they shouldn’t be
Ensure the honeypot looks appealing to the attacker
• The honeypot must look legitimate & enticing
In this attack scenario the defender has a particular advantage
• Once attackers initially land inside your internal network, they’re at a disadvantage.
They don’t know the lay of the land and they need to explore it (reconnaissance)
while remaining hidden
Defence through Deception
Deception is a highly effective solution for protecting
environments; it is used to confuse, delay and redirect the enemy
Lured to the Canary honeypot, the attacker is tricked into
engaging with that device and believes they are succeeding
in their attack
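As an added illustration of the honeypot principle and the Canary-style deception described above (example code written for this page, not from the deck, from Cyberseer/CYBERCAST or from any Canary product): a small decoy TCP listener that answers with a fake banner and records every touch, plus a triage routine that rates hits and treats an internal host sweeping several decoy ports as likely reconnaissance. The banner text, the RFC 1918 plus loopback "internal" ranges and the loopback demo are assumptions constructed for illustration.

```python
"""Canary-style internal honeypot plus alert triage. Added example, not code
from the deck or any vendor; decoy banner, internal ranges (RFC 1918 +
loopback) and the loopback demo are constructed assumptions."""
import ipaddress
import socket
import threading
import time
from collections import defaultdict
from dataclasses import dataclass


@dataclass
class Hit:
    ts: float            # epoch seconds when the connection arrived
    src_ip: str
    src_port: int
    dst_port: int        # decoy port the source touched
    first_bytes: bytes   # whatever the client sent first (often empty)


class Honeypot:
    """One TCP decoy port: answers with a banner and records every hit.
    Nothing legitimate should ever connect, so each hit is alert-worthy."""

    def __init__(self, banner, host="127.0.0.1", port=0):
        self.banner = banner
        self.hits = []
        self._stop = threading.Event()
        self._sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
        self._sock.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
        self._sock.bind((host, port))   # port 0 lets the OS pick a free port
        self._sock.listen(8)
        self._sock.settimeout(0.2)      # wake periodically to check the stop flag
        self.port = self._sock.getsockname()[1]
        self._thread = threading.Thread(target=self._serve, daemon=True)

    def start(self):
        self._thread.start()

    def stop(self):
        self._stop.set()
        self._thread.join(timeout=2)
        self._sock.close()

    def _serve(self):
        while not self._stop.is_set():
            try:
                conn, (ip, sport) = self._sock.accept()
            except (socket.timeout, OSError):
                continue
            with conn:
                try:
                    conn.settimeout(0.5)
                    conn.sendall(self.banner)   # look like a real service
                    data = conn.recv(256)       # capture the probe, if any
                except OSError:
                    data = b""
            self.hits.append(Hit(time.time(), ip, sport, self.port, data))


INTERNAL_NETS = [ipaddress.ip_network(n) for n in
                 ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8")]


def triage(hits, internal_nets=INTERNAL_NETS):
    """Group hits by source and rate them: an internal host has no business
    touching a decoy, and one sweeping several decoy ports looks like recon."""
    by_src = defaultdict(list)
    for h in hits:
        by_src[h.src_ip].append(h)
    alerts = []
    for src, hs in by_src.items():
        internal = any(ipaddress.ip_address(src) in n for n in internal_nets)
        ports = sorted({h.dst_port for h in hs})
        if internal and len(ports) > 1:
            sev, why = "critical", "internal host sweeping several decoy ports (recon)"
        elif internal:
            sev, why = "high", "internal host touched a decoy"
        else:
            sev, why = "medium", "external source reached a decoy"
        alerts.append({"src": src, "severity": sev, "reason": why,
                       "ports": ports, "hits": len(hs)})
    return sorted(alerts, key=lambda a: a["src"])


def demo_one_hit(probe=b"probe\r\n"):
    """Run a decoy on loopback, touch it once, return (banner seen, hits)."""
    hp = Honeypot(b"SSH-2.0-OpenSSH_7.2\r\n")   # fake banner, constructed
    hp.start()
    try:
        with socket.create_connection(("127.0.0.1", hp.port), timeout=2) as c:
            banner = c.recv(64)
            c.sendall(probe)
        deadline = time.time() + 3
        while not hp.hits and time.time() < deadline:   # wait for the server thread
            time.sleep(0.05)
    finally:
        hp.stop()
    return banner, list(hp.hits)
```

Running `triage(demo_one_hit()[1])` yields one "high" alert from 127.0.0.1; feeding `triage` the hits of several decoys on different ports is what turns a sweeping internal host into a "critical" reconnaissance alert.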
Canary – Today and Tomorrow
Canary - great for remote sites but what about our VM data
centres?
What about integration with established enterprise monitoring
frameworks such as Openview, CA or Microsoft SCOM?
Console management limit on the number of deployed Canaries?
Are “Canarytokens” part of tomorrow’s planning?
Identification &
Authorisation
A new way forward
Tokens
Tokens – in general, a token is an object that represents something
else, such as another object (either physical or virtual), or an
abstract concept. In computer systems, there are a number of
types of tokens, both hardware and software.
In human terms, a token of trust can exist between two parties,
with such levels of trust reinforced through personal introductions
with other parties.
A token generation & management platform, designed
specifically for high-security multi-services in public and private
clouds, greatly enhances trustworthy information handling.
Identification with Passwords
Any directory service or management platform holding passwords
becomes a target for credential theft by the attacker
Passwords are fundamentally flawed:
• Often easy to guess
• Are reused across different services
• Are written down, stored or shared
• Can be intercepted
• Are expensive to maintain
• 29% of all cybercrime is from stolen passwords
Identification WITHOUT Password
The Problem
• The password has outlived its usefulness
Secure Cloudlink’s Response
• Patented and highly secure tokenised message management
solution assures password redundancy
• User credentials are not transmitted, stored or replicated
• Secure digital services – a snap for the user
Randomised, encrypted key generation –
no consistent key to be stolen
Conclusion
Possible quick-wins
Immediate Low-risk Considerations
People protection: Continuous interactive education on the threats & risks
posed by cyber-criminals through the deployment of Phish5 email phishing
simulations with supporting education processes
Network hardening: Rapid deployment of customisable, low-cost, capex-free
Canary honeypots throughout the strategic points on the network
Access & authorisation protection: Review and assess the usage &
costs (direct/indirect) of passwords in your own organisation – test the results
against Secure Cloudlink
Information handling assurance: Regular external, expert assessment &
audit of network, data governance practices and procedures
Security Through Obscurity
Warfare - The Social Threat
Attack Surface, Attribution, Residency, Deniability -
Livingroom to Boardroom
Honeypots & Tokens – Evolution Mimicked
Identification and Authorisation – New Pathway
Thank you
Trust in “THIS”
Security through Obscurity
Ray Dalgarno
ray@cybercast.co
New and evolving forms of malware
Mark Olding, Senior Enterprise Presales
Consultant, Kaspersky Labs
The what, how, who and why of computer malware
Mark Olding
Senior Enterprise Presales Consultant
THE SCALE OF THE THREAT
1994: 1 new virus every hour
2006: 1 new virus every minute
2011: 1 new virus every second
2016: 310,000 new samples every day
THE SCALE OF THE THREAT
Traditional cybercrime: 90%
Targeted attacks / advanced persistent threats:
– Targeted threats to organizations: 9.9%
– Cyber-weapons: 0.1%
THE NATURE OF THE THREAT
TRENDS AND THREATS
Internet of Things
Big Data Fragmentation of the internet
Cloud & Virtualization
Consumerisation & Mobility
Critical Infrastructure at risk
Increasing online
commerce
Privacy & Data
protection challenge
Online
banking at risk
Mobile threats
Decreasing costs of APTs
Merger of cyber crime and APTs
Supply chain attacks
Internet of Things
Targeting
hotel networks
Ransomware
programs
Cyber mercenaries
Massive data leaks
Malware for ATMs
Financial phishing attacks
Attacks on
PoS terminals
Threats to
Smart Cities
‘Wipers’ & Cyber - sabotage
Targeted Attacks
HOW MALWARE SPREADS
USB sticks
Email
Exploit kits
Social Networks
Browsers
VULNERABILITIES AND EXPLOITS
WEB-BASED THREATS
Kaspersky Lab discovered 798,113,087 web attacks in 2015:
25 attacks per second
1,518 attacks per minute
91,000 attacks per hour
2.1 million attacks per day
DRIVE-BY DOWNLOADS (June 2015)
SOCIAL MEDIA (June 2015)
EMAIL
REMOVABLE DRIVES (June 2015)
DIGITAL CERTIFICATES
CONSUMER THREATS IN 2015
[Chart: number of users attacked, scale 0–450,000]
2 MILLION ATTEMPTS
In 2015, Kaspersky Lab solutions blocked attempts to launch malware capable of
stealing money via online banking on almost 2 million computers.
This number is 2.8% higher than in 2014.
Ransomware (June 2015): blockers vs. cryptors
Stuxnet
Advanced Persistent Threats
Duqu
Gauss
Flame
MiniFlame
Kimsuky
NetTraveler
Winnti
Icefog
RedOctober
Miniduke
TeamSpy
Energetic Bear/Crouching Yeti
Epic Turla
Careto/The Mask
Regin
CosmicDuke
Darkhotel
Spring Dragon
Satellite Turla
MsnMM
Campaigns
Darkhotel Part 2
Animal Farm
Equation
Desert Falcons
Carbanak
Sofacy
Hellsing
Naikon
Duqu 2.0
Blue Termite
Wild Neutron
We discover and dissect the world’s most sophisticated malware
HOW THE CARBANAK CYBERGANG STOLE $1bn
1. Infection: Carbanak sent a backdoor as an attachment – emails with exploits to bank employees; 100s of machines infected
2. Harvesting intelligence: in search of the admin PC; credentials stolen; intercepting the clerk’s screen on the cash transfer systems
3. Mimicking the staff – how the money was stolen:
― Online banking: money was transferred to the fraudsters’ accounts
― E-payment systems: money was transferred to banks in China and the US
― Inflated account balances: the extra funds were pocketed via a fraudulent transaction
― Controlling ATMs: orders to dispense cash at a pre-determined time
A targeted attack on a bank
MAC MALWARE
In 2012, the Flashback botnet was discovered, consisting of 700,000
computers all running under Mac OS X
Cybercriminals repeatedly use Mac malware when launching
targeted attacks
Macs can unknowingly pass PC malware onto PCs in your
network
MAC MALWARE
[Chart: Mac malware samples per year, 2003–2015, scale 0–30,000]
Since 2012 the proportion of adware on OS X has increased fivefold (x5)
Kaspersky Lab recorded almost 6 million unique attacks on Mac devices in 2015
There are more than 24,000 samples of malicious OS X files in Kaspersky Lab’s collection
MOBILE MALWARE
[Chart: mobile malware samples per quarter, Q1 2011 – Q3 2015, scale 0–1,600,000]
[Chart: mobile malware by type – Adware, RiskTool]
RIGHT NOW
• Evaluate the risks
• Patch OS and applications
• Manage your network
• Secure your systems
  – Multi-layered protection
  – Not just endpoints
  – Default-Deny
  – Encrypt
  – Don’t forget mobile
• Educate staff
TOMORROW
• Stop fire fighting
  – Create a strategy
• It’s bigger than IT
• Delegate to experts
  – Assessment
  – Incident response
  – Analysis
FUTURE PROSPECTS
• ‘The end of APTs’
• Alternative payment systems and stock exchange
• Sabotage, extortion and shame
• Ransomware
• Trusted resources
• From ‘APT-as-a-Service’ to ‘Access-as-a-service’
• Balkanisation
• Transportation
• ‘Crypto-apocalypse’
THANK YOU
Closing keynote address
Vicki Gavin, Compliance Director, Head of
Business Continuity & Information Security
The Economist Group
Thank you.

Netwealth educational webinar: Peace of mind in a digital worldNetwealth educational webinar: Peace of mind in a digital world
Netwealth educational webinar: Peace of mind in a digital world
 
Before the Breach: Using threat intelligence to stop attackers in their tracks
Before the Breach: Using threat intelligence to stop attackers in their tracksBefore the Breach: Using threat intelligence to stop attackers in their tracks
Before the Breach: Using threat intelligence to stop attackers in their tracks
 
LogRhythm Reducing cyber risk in the legal sector Whitepaper
LogRhythm Reducing cyber risk in the legal sector WhitepaperLogRhythm Reducing cyber risk in the legal sector Whitepaper
LogRhythm Reducing cyber risk in the legal sector Whitepaper
 
Reducing-Cyber-Risk-Whitepaper-Email (UK)
Reducing-Cyber-Risk-Whitepaper-Email (UK)Reducing-Cyber-Risk-Whitepaper-Email (UK)
Reducing-Cyber-Risk-Whitepaper-Email (UK)
 
Reducing-Cyber-Risk-Whitepaper-Email (UK)
Reducing-Cyber-Risk-Whitepaper-Email (UK)Reducing-Cyber-Risk-Whitepaper-Email (UK)
Reducing-Cyber-Risk-Whitepaper-Email (UK)
 
Cybrary's navigating a security wasteland
Cybrary's navigating a security wasteland Cybrary's navigating a security wasteland
Cybrary's navigating a security wasteland
 
Cyber security
Cyber securityCyber security
Cyber security
 
Security - intelligence - maturity-model-ciso-whitepaper
Security - intelligence - maturity-model-ciso-whitepaperSecurity - intelligence - maturity-model-ciso-whitepaper
Security - intelligence - maturity-model-ciso-whitepaper
 
Security in e-commerce
Security in e-commerceSecurity in e-commerce
Security in e-commerce
 
CYBER THREAT FORCAST 2016
CYBER THREAT FORCAST 2016 CYBER THREAT FORCAST 2016
CYBER THREAT FORCAST 2016
 
CYBER THREAT FORCAST 2016
CYBER THREAT FORCAST 2016 CYBER THREAT FORCAST 2016
CYBER THREAT FORCAST 2016
 

More from Institute of Chartered Secretaries and Administrators

More from Institute of Chartered Secretaries and Administrators (20)

Board effectiveness and performance beyond the annual evaluation_ICSA Dublin ...
Board effectiveness and performance beyond the annual evaluation_ICSA Dublin ...Board effectiveness and performance beyond the annual evaluation_ICSA Dublin ...
Board effectiveness and performance beyond the annual evaluation_ICSA Dublin ...
 
ICSA Jersey Conference 2019 - Updated presentation slides
ICSA Jersey Conference 2019 - Updated presentation slidesICSA Jersey Conference 2019 - Updated presentation slides
ICSA Jersey Conference 2019 - Updated presentation slides
 
ICSA Guernsey Conference 2019 - Updated presentation slides
ICSA Guernsey Conference 2019 - Updated presentation slidesICSA Guernsey Conference 2019 - Updated presentation slides
ICSA Guernsey Conference 2019 - Updated presentation slides
 
Risk Management and the Company Secretary
Risk Management and the Company Secretary Risk Management and the Company Secretary
Risk Management and the Company Secretary
 
Board effectiveness and performance beyond the annual evaluation
Board effectiveness and performance beyond the annual evaluationBoard effectiveness and performance beyond the annual evaluation
Board effectiveness and performance beyond the annual evaluation
 
ICSA qualifying programme update 2019
ICSA qualifying programme update 2019 ICSA qualifying programme update 2019
ICSA qualifying programme update 2019
 
ICSA CPD - Cyber breaches
ICSA CPD -   Cyber breachesICSA CPD -   Cyber breaches
ICSA CPD - Cyber breaches
 
ICSA Competency Framework presentation for Guernsey branch - 26 February 2019
ICSA Competency Framework presentation for Guernsey branch - 26 February 2019ICSA Competency Framework presentation for Guernsey branch - 26 February 2019
ICSA Competency Framework presentation for Guernsey branch - 26 February 2019
 
ICSA Ireland CPD_Senior Executive Accountability Regime_Deloitte 22Jan19
ICSA Ireland CPD_Senior Executive Accountability Regime_Deloitte 22Jan19ICSA Ireland CPD_Senior Executive Accountability Regime_Deloitte 22Jan19
ICSA Ireland CPD_Senior Executive Accountability Regime_Deloitte 22Jan19
 
ICSA Ireland CPD event - Essential Eight Technologies
ICSA Ireland CPD event - Essential Eight TechnologiesICSA Ireland CPD event - Essential Eight Technologies
ICSA Ireland CPD event - Essential Eight Technologies
 
ICSA Irish Region Directors' Duties (Dublin) CPD event, 24 April 2018
ICSA Irish Region Directors' Duties (Dublin) CPD event, 24 April 2018ICSA Irish Region Directors' Duties (Dublin) CPD event, 24 April 2018
ICSA Irish Region Directors' Duties (Dublin) CPD event, 24 April 2018
 
ICSA Irish Region Directors' Duties (Cork) CPD event, 10 April 2018
ICSA Irish Region Directors' Duties (Cork) CPD event, 10 April 2018ICSA Irish Region Directors' Duties (Cork) CPD event, 10 April 2018
ICSA Irish Region Directors' Duties (Cork) CPD event, 10 April 2018
 
ICSA Irish Region Audit Committees CPD event, 6 March 2018
ICSA Irish Region Audit Committees CPD event, 6 March 2018ICSA Irish Region Audit Committees CPD event, 6 March 2018
ICSA Irish Region Audit Committees CPD event, 6 March 2018
 
ICSA Irish Region Effective Minute Taking CPD event, 12 December 2017
ICSA Irish Region Effective Minute Taking CPD event, 12 December 2017ICSA Irish Region Effective Minute Taking CPD event, 12 December 2017
ICSA Irish Region Effective Minute Taking CPD event, 12 December 2017
 
ICSA Irish Region Effective Board Reporting CPD event, 5 December 2017
ICSA Irish Region Effective Board Reporting CPD event, 5 December 2017ICSA Irish Region Effective Board Reporting CPD event, 5 December 2017
ICSA Irish Region Effective Board Reporting CPD event, 5 December 2017
 
ICSA Irish Region General Data Protection Regulation event, 10 October 2017
ICSA Irish Region General Data Protection Regulation event, 10 October 2017ICSA Irish Region General Data Protection Regulation event, 10 October 2017
ICSA Irish Region General Data Protection Regulation event, 10 October 2017
 
ICSA Irish Region the Minuting of Meetings event, 12 September 2017
ICSA Irish Region the Minuting of Meetings event, 12 September 2017ICSA Irish Region the Minuting of Meetings event, 12 September 2017
ICSA Irish Region the Minuting of Meetings event, 12 September 2017
 
Ireland Directors' Compliance Statement and Audit Committees event, 20 June 2017
Ireland Directors' Compliance Statement and Audit Committees event, 20 June 2017Ireland Directors' Compliance Statement and Audit Committees event, 20 June 2017
Ireland Directors' Compliance Statement and Audit Committees event, 20 June 2017
 
Yorkshire Branch Meeting 28 June 2017
Yorkshire Branch Meeting 28 June 2017Yorkshire Branch Meeting 28 June 2017
Yorkshire Branch Meeting 28 June 2017
 
Guernsey Minute Taking event, 28 June 2017
Guernsey Minute Taking event, 28 June 2017 Guernsey Minute Taking event, 28 June 2017
Guernsey Minute Taking event, 28 June 2017
 

Recently uploaded

AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsMemoori
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Scott Keck-Warren
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsAndrey Dotsenko
 
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024BookNet Canada
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsRizwan Syed
 
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxMaking_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxnull - The Open Security Community
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationSafe Software
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024Scott Keck-Warren
 
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphSIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphNeo4j
 
Unlocking the Potential of the Cloud for IBM Power Systems
Unlocking the Potential of the Cloud for IBM Power SystemsUnlocking the Potential of the Cloud for IBM Power Systems
Unlocking the Potential of the Cloud for IBM Power SystemsPrecisely
 
APIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April  Automation LPDGAPIForce Zurich 5 April  Automation LPDG
APIForce Zurich 5 April Automation LPDGMarianaLemus7
 
Build your next Gen AI Breakthrough - April 2024
Build your next Gen AI Breakthrough - April 2024Build your next Gen AI Breakthrough - April 2024
Build your next Gen AI Breakthrough - April 2024Neo4j
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 3652toLead Limited
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticscarlostorres15106
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):comworks
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Patryk Bandurski
 

Recently uploaded (20)

Vulnerability_Management_GRC_by Sohang Sengupta.pptx
Vulnerability_Management_GRC_by Sohang Sengupta.pptxVulnerability_Management_GRC_by Sohang Sengupta.pptx
Vulnerability_Management_GRC_by Sohang Sengupta.pptx
 
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptxE-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial Buildings
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
 
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL Certs
 
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxMaking_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024
 
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphSIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
 
Unlocking the Potential of the Cloud for IBM Power Systems
Unlocking the Potential of the Cloud for IBM Power SystemsUnlocking the Potential of the Cloud for IBM Power Systems
Unlocking the Potential of the Cloud for IBM Power Systems
 
APIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April  Automation LPDGAPIForce Zurich 5 April  Automation LPDG
APIForce Zurich 5 April Automation LPDG
 
Build your next Gen AI Breakthrough - April 2024
Build your next Gen AI Breakthrough - April 2024Build your next Gen AI Breakthrough - April 2024
Build your next Gen AI Breakthrough - April 2024
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
 

Showreel ICSA Technology Conference

  • 12. Threat landscape – global Implementation of key security safeguards
  • 14. Ransomware and cyber extortion Martin Lee Technical Lead, Security Research Team Lead, Talos Outreach EMEA, Cisco
  • 15. Martin Lee Technical Lead Security Research
  • 18. Cyber Crime Business Model
    Compromised System → Steal CPU cycles → Mine bitcoins
    Compromised System → Steal bandwidth → DDoS, Send spam
    Compromised System → Steal data → Credential theft, Identity theft
  • 19. Ransomware - A New Model
  • 20. Ransomware Rogues Gallery
    AIDS Trojan: Date Dec 1989; Spread Diskette; Ransom $189 (by post); Encryption Symmetric (file names only)
  • 21. Ransomware Rogues Gallery
    Reveton: Date May 2012; Spread Exploit kits (web); Ransom $200 by Ukash, Bitcoin; Encryption various
    Cryptolocker: Date Sep 2013; Spread Email; Ransom $400 by Ukash or Bitcoin; Encryption RSA-2048 bit, including network drives
    Cryptowall 2.0: Date Sep 2014; Spread Malvertising; Ransom $500 or bitcoin; Encryption RSA-2048 bit
    Locky: Date Feb 2016; Spread Email; Ransom $300 - $400 Tor, Bitcoin; Encryption RSA-2048 + AES-256, including network drives; also web site version
  • 22. Angler EK - The Money
  • 26. A Major News Site: 26 domains, 39 hosts, 171 objects, 557 connections
  • 28. SamSam – March 2016
    Scan for JBoss vulnerability → Install web shell → Expand presence on network → Install SamSam malware → Encrypt files & demand payment
  • 30. Vulnerable Systems
    Scan for JBoss vulnerability (CVE-2010-0738): 3.2 million ‘at risk’ machines
    Install web shell: 2,100 installed web shells
  • 31. A Future Ransomware Model
    Scan for vulnerabilities → Establish initial access → Escalate privileges → Identify critical systems → Install ransomware → Collect payment
    Maximising lost value for the victim; minimising costs for the attacker
  • 33. Incident response: what to do in the event of a cyber breach Mark Child, Managing Director and Neil May, Senior Manager, Technology Risk Management GLE Consulting Limited
  • 34. What To Do In The Event of A Cyber Breach Incident Response ICSA: THE GOVERNANCE INSTITUTE 4TH NOVEMBER 2016
  • 35. You might be feeling a bit like this… Rabbit in the headlights!
  • 36. Or, depending on your board… Possibly like this.
  • 37. The big question is … Is this really an entirely new threat that we are facing?
  • 38. Our view: The threat is NOT new. ‘Cyber’ is a convenient label for information risk in the 21st Century. But, there are some trends: ― We are noticing more and larger breaches. ― Breaches and data leaks are making the news – there is public, media and regulatory interest. ― The criminals are getting smarter.
  • 39. Our view – how do we respond? Pursue a strategy of defence-in-depth; avoid our historic fixation on ‘the perimeter’. This is not a purely technical problem. So: the solution is not necessarily a technical one. But: technical controls remain key. And: the weakest links are likely to be your people and your third party suppliers & partners.
  • 40. Summary ― ‘Cyber threat’ is nothing new – in our view! ― But it is serious. ― Target defence in depth. ― Staff, contractors and suppliers are now your weakest link. ― Get back to basics on information governance ― Apply technology solutions intelligently to support & enable.
  • 43. Just how successful was it? Not very successful at all!
  • 44. Perception versus reality We think we are building this… But we have potentially built this…
  • 45. Case studies – poor practices ― October 2015 ― Cause: Simple (and old) technical exploit (executed by a 15 year-old boy) ― Immediate result: 150,000 customer records stolen (over 15,000 full bank details) ― Incident/crisis management extremely poor: ― CEO unprepared & poorly briefed ― Scope of breach massively over-estimated ― Response ill-judged (500,000 customers given ‘free upgrade’) ― Impacts: ― REPUTATION – Lost 95,000 customers in year 1 ― FINANCIAL – Current financial cost estimated at £60m ― REGULATORY – Formally sanctioned by ICO (fined 400k)
  • 46. Case studies – insider threat ― December 2014 ― Cause: Malicious software deployed via ‘phishing’ attack used to obtain IDs and passwords ― Politically motivated ― Immediate result: 100 terabytes of data stolen (the whole of the “.co.uk” domain is only 68 TB) ― Data included entire movies, financials, staff data, salary data, email records ― Data posted on the internet for download ― Impacts: ― REPUTATION – Deputy CEO forced to resign due to damaging email content ― FINANCIAL – Current financial cost estimated at $15m (impact reduced by insurances and managed legal response).
  • 47. Case studies – third party ― Spring 2014 ― Cause: Security compromise at third party AirCon and Ventilation contractor – access gained to Target’s network. ― Immediate result: 70m customer records and 40m credit card records harvested across 1,797 stores over extended period ― Data downloaded by criminals in Russia. ― Impacts: ― FINANCIAL – Current financial cost to Target estimated at $61m (Industry-wide costs estimated at $200m)
  • 48. Get back to basics ― It’s not just about the enemy at the gates (i.e. the perimeter) ― The perimeter is hard to define these days ― We cannot rely solely upon prevention – our detection and response capability must improve. We need to take the threat seriously.
  • 49. Get back to basics ― Technology and tools of the highest quality can be undermined by weaknesses in basic security practices. ― Or by a flawed corporate culture. ― Cyber/Information risk is a problem for the entire business to resolve – not just IT! ― Today’s cyber criminals recognise this and exploit it by adopting a range of approaches which step away from the purely technical and exploit weaknesses in the way that organisations manage, control and interact with their information. ― A full frontal assault is unlikely to be profitable – an attacker will target compromise from the inside. And they can be very patient.
  • 50. Get back to basics Fundamentally, addressing the Cyber Threat means going back to basics, looking again at your organisation and the controls you already have: ― Understanding your people – what threats do they pose? After all there is no patch for stupidity! ― Understanding your organisation’s information, where it is and how it is used. ― Identifying the main risks to physical and information assets. ― Ensuring that the right measures are adopted to mitigate risk to within acceptable levels – balancing cost versus risk.
  • 51. Get back to basics – governance foundations Unless the foundations of good information and security governance are working well, any investment in security technology will most likely be wasted. Fundamental areas for focus are: ― Staff security training and awareness. ― Robust oversight and management of third party suppliers ― Software & hardware patch management ― Intelligent management & admin of user access. ― Clear policies on security, acceptable system use and social media. People. Process. Tools. In that order!
  • 52. Get back to basics – making it work For effective and sustainable governance: ― Setting, maintaining and continuing to evolve the “tone at the top”. ― Monitoring of information risk management by the Board of Directors. ― Ongoing, practical and relevant awareness training. ― Independent assurance. ― Regular, risk-based security testing. Inside and outside the perimeter.
  • 53. What happens if a security breach occurs? ― If a security breach occurs, organisations that follow clearly documented plans to reduce the impact of the breach have a much better chance of staying out of the law courts and avoiding punishment ― Most organisations unfortunately don't have good systems for actually managing the problem. If a breach occurs, the law is really concerned with your behaviour at that point in time. You can't unravel the past and pretend the breach didn't occur, it's what you do from that point on that will determine your culpability ― On top of having well documented systems and procedures, organisations need to have clearly defined actions for dealing with a breach and limiting the damage to those affected. This is likely to involve multiple disciplines that could include information security specialists, IT resources, a PR agency, legal advice and credit reporting services ― If you adopt an honourable stance from the outset, doing the right thing at the right time, then your legal team is in a very strong position to defend you to the regulator arguing that you're not the kind of organisation that has the profile that requires all of the effect of the law and therefore the punishment
  • 54. How to protect organisations from security breaches ― Take some basic steps to "build a protective shield”, most notably: ― Build a single unified security policy ― Ensure information security forms part of any contract initiation ― Make security part of the process when any project is initiated ― Employee adequacy – ensure you have processes for handling new employees, changes of job, and for employees exiting the company; show that they were made aware of security requirements ― Third-party assurance – have processes in place to guard information held by third parties ― Culture – have a managerial structure in place that demonstrates a chain of responsibility for handling security and reporting errors ― ‘Tone at the top’ ― Shared ownership of good practices ― Openness & transparency – continuous improvement
  • 55. State of the Nation – addressing Cyber Risk. Four golden rules our plan is founded upon:
    Get the basics right – Over 75% of attacks exploit failures to put in place basic controls.
    Look after the crown jewels – You have to prioritize where you spend your money to defend yourself, so build a fortress around your most critical asset.
    Do your homework on your enemies – Invest in understanding who might attack you, why and how, so that you can anticipate the most likely scenarios and defend those assets that are most likely to get attacked.
    Treat cyber risk as an opportunity to look closely at your business – Security and resilience can affect nearly every part of an organization. Strategies to protect IT security and business resiliency should align with an organization’s broader goals – from protecting intellectual property to maximizing productivity to finding new ways to delight customers.
  • 56. Solving the big ‘Board reporting problem’ in cyber Jon Hawes, Security Intelligence Strategist, Panaseer
  • 57. Cyber security insurance Graeme Newman, Chief Innovation Officer CFC
  • 58. Tackling the insider threat Garath Lauder, Director, Cyberseer Ted Plumis, Vice President of Channels and Corporate Development, Exabeam
  • 59. Social engineering: the art of the con Rob Shapland, Penetration Testing Team Manager, First Base Technologies
  • 60. Cryptography Basics Dr David Weston, Lecturer in Computer Science and Information Systems Birkbeck University of London
  • 61. Tokens, Honeypots, Identification Authorisation Services Ray Dalgarno, Director, CYBERCAST
  • 62. Trust with “THIS” Tokens, Honeypots, Identification Authorisation Services; The Confluence
  • 63. Agenda Warfare Attack Surface, Attribution, Residency, Deniability Honeypots & Tokens Identification and Authorisation Conclusion
  • 64. Warfare Security through obscurity – the reason the armed forces adopt camouflage
  • 65. NHS Cyber Attacks – The Telegraph 1st Nov 2016 “…hacking is "no longer the stuff of spy thrillers and action movies" but a clear and present threat…” “…Ben Gummer, minister for Cabinet, says that "large quantities of sensitive data" held by the NHS and the Government is being targeted by hackers…” “…Ministers will also unveil a Cyber Security Research Institute, a "virtual collection of UK universities" which will work towards making passwords obsolete…”
  • 66. Cyber Fraud “…Online fraudsters stole £10.9bn in the UK last year…” “…39% (of respondents), questioned by “Get Safe Online” said they were a victim of cybercrime, but did not report it…” “…53% received phishing messages…” Extract from The Telegraph 20th October 2016
  • 67. Cyber Crime is a War Zone “Rouse him, and learn the principle of his activity or inactivity. Force him to reveal himself, so as to find out his vulnerable spots.” “If you know the enemy and know yourself you need not fear the results of a hundred battles” - Sun Tzu, Military General, Strategist & Philosopher, 5th Century BC, China Deception is a powerful, effective, but under-utilised tool – (at least by defenders) Full range of “effects” on adversaries possible through deception
  • 68. Deception Effects - Attacker & Defender
      Effect          | Attacker’s aim                                                        | Defender’s aim
      Fail to observe | Prevent the defender from detecting the attack.                       | Prevent the attacker from discovering their target.
      Reveal          | Trick the defender into providing access.                             | Trick the attacker into revealing their presence.
      Waste Time      | Focus the defender’s attention on the wrong aspects of the incident.  | Focus the attacker’s efforts on the wrong target.
  • 69. Operation Mincemeat - 1943 Successful British disinformation plan during the Second World War to cover the invasion of Italy from North Africa. To convince the Germans that, instead of attacking Sicily, the Allied armies would invade Greece.
  • 71. Operation Mincemeat - 1943 Successful British disinformation plan during the Second World War to cover the invasion of Italy from North Africa. To convince the Germans that, instead of attacking Sicily, the Allied armies would invade Greece. This was accomplished by persuading the Germans that they had, by accident, intercepted "top secret" documents giving details of Allied war plans.
  • 72. Attack Surface, Attribution, Residency, Deniability From the living room to the boardroom
  • 73. Attack Surface From ordinary consumers, to a single-office business, through the regulatory bodies, to the national and global giants The environment dictates the approach – no “Silver Bullet” Layered security – combining multiple mitigating security controls to cost effectively protect resources & data
  • 74. Attack Attribution At which point in the attack do you realise that you have been hacked?  TalkTalk, DNC, Yahoo There are very few “smoking guns” visible Attacks that often begin with broadly targeted phishing, that can introduce & run new binaries on victims’ networks, & that connect to random internal hosts using exfiltrated credentials, can still remain hidden for a year
  • 75. Examples of Global IT Vendors’ Vulnerabilities Microsoft  Microsoft August (2016) Patch Tuesday included five updates rated critical out of a total of nine, bringing the number of patches for the year-to-date to 103 SAP  There are vulnerabilities in almost every SAP module; CRM, EP, and SRM are leaders among them ERPScan SAP Cyber Threat Report 2016 Oracle MICROS (and others)  In total, more than one million PoS terminals around the world could be at risk, should the attacks prove to have been deeper than the companies are currently publicly admitting Computing Aug
  • 76. Dwell Time/Residency Mandiant reported that attackers on average lurked on a network for 205 days before being discovered¹ Microsoft recently reported they place the number at more than 200 days to detect a security breach and 80 days to contain it² 1. https://www2.fireeye.com/rs/fireye/images/rpt-m-trends-2015.pdf 2. https://blogs.windows.com/windowsexperience/2016/03/01/announcing-windows-defender-advanced-threat-protection
  • 77. Plausible Deniability & Malware Intrusion Plausible deniability refers to circumstances where a denial of responsibility or knowledge of wrongdoing cannot be proved as true or untrue due to a lack of evidence proving the allegation It is a basic law for the cheat and the deceiver: be able to offer up an excuse that cannot be disproved easily and that makes sense for the situation
  • 78. Trickle-down Effects Increasing rapidity of car trickle-down; yesteryear’s top-end car innovations eventually migrate through the models, becoming standard options in lower-priced vehicles This pattern of innovation holds true in virtually every field, including cyber-security Malware as a Service (MaaS) – moving from the heavily funded specialist cyber experts down into the mass market MaaS now commonly available at very low cost through the darknet and networks such as Tor and I2P
  • 81. Honeypots Venus Flytrap in Action (triggered honeypot) Trojan Horse (passive honeypot) built by the Greeks and used to enter the city of Troy and win the 10-year Trojan War - 4th Century story Cartography: A trap street (passive honeypot) is a fictitious entry in the form of a misrepresented street, for the purpose of "trapping" potential copyright violators
  • 83. Honeypot Principle Focus on detecting threats  Here, we’d like to know immediately if someone has broken into the network and is in places they shouldn’t be Ensure the honeypot looks appealing to the attacker  The honeypot must look legitimate & enticing In this attack scenario the defender has a particular advantage  Once attackers initially land inside your internal network, they’re at a disadvantage. They don’t know the lay of the land and they need to explore it (reconnaissance), while remaining hidden
  • 84. Defence through Deception Deception is a highly effective solution for protecting environments; used to confuse, delay and redirect the enemy Lured to the Canary Honeypot, the attacker will be tricked into engaging with that device and believe they are being successful in their attack
  • 85. Canary – Today and Tomorrow Canary - great for remote sites but what about our VM data centres? What about integration with established enterprise monitoring frameworks such as Openview, CA or Microsoft SCOM? Console management limit on the number of deployed Canaries? Are “Canarytokens” part of tomorrow’s planning?
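The principle behind slides 83–85 (a decoy that no legitimate user ever touches, so any interaction with it is a high-confidence alert during the attacker’s reconnaissance phase) can be shown with a honeytoken rather than a honeypot appliance. The following is an added example written for this page; it is not code from the slides, from Cybercast or from any Canary product. The decoy account name, the decoy secret, the file path and the log lines are all constructed for the demonstration.

```python
"""Honeytoken detection: plant a decoy credential that no legitimate process
uses, then alert the first time it shows up anywhere in the logs.
Added example for this page; not code from the slides, from Cybercast or
from any Canary product. Names, paths and log formats below are constructed."""
import re
import secrets
from dataclasses import dataclass
from typing import Iterable, List, Tuple


@dataclass(frozen=True)
class Honeytoken:
    username: str    # decoy account name, never provisioned for real
    secret: str      # decoy password/API key, random so it cannot be guessed
    planted_at: str  # where the decoy was left, reported in the alert


def make_honeytoken(planted_at: str, prefix: str = "svc_backup") -> Honeytoken:
    """Generate a unique decoy credential. Random suffixes make every token
    distinct, so an alert also tells you which planted decoy was picked up."""
    return Honeytoken(
        username=f"{prefix}_{secrets.token_hex(4)}",
        secret=secrets.token_urlsafe(24),
        planted_at=planted_at,
    )


def render_decoy_env(token: Honeytoken) -> str:
    """Contents of a decoy .env file to leave where an intruder doing
    reconnaissance would look (a build share, a wiki page, a home directory)."""
    return (
        "# backup service credentials (rotate quarterly)\n"
        f"BACKUP_USER={token.username}\n"
        f"BACKUP_PASSWORD={token.secret}\n"
        "BACKUP_HOST=backup.internal.example\n"
    )


def scan_logs(token: Honeytoken, lines: Iterable[str]) -> List[Tuple[int, str]]:
    """Return (line_number, line) for every log line that mentions the decoy
    username or secret. Matching is exact and case-sensitive: the values are
    random, so a hit is never legitimate traffic."""
    pattern = re.compile("|".join(re.escape(v) for v in (token.username, token.secret)))
    return [(n, line) for n, line in enumerate(lines, 1) if pattern.search(line)]


def alert_message(token: Honeytoken, hits: List[Tuple[int, str]]) -> str:
    """Format the alert a SOC would receive; empty string when nothing tripped."""
    if not hits:
        return ""
    first_line, _ = hits[0]
    return (f"HONEYTOKEN TRIPPED: decoy planted at {token.planted_at} used "
            f"{len(hits)} time(s); first seen at log line {first_line}")


# Constructed sample: a fixed token and log lines for a stand-alone run.
SAMPLE_TOKEN = Honeytoken(
    username="svc_backup_7f3a9c1e",
    secret="K9q_x2Vb8ZpL4wTn0RmY6sHc3dJf1aGe",
    planted_at="/srv/eng-share/legacy/.env",
)
SAMPLE_LOGS = [
    "sshd[1021]: Accepted publickey for alice from 10.0.0.12 port 50122",
    "sshd[1044]: Failed password for svc_backup_7f3a9c1e from 10.0.0.77 port 41102",
    "sshd[1045]: Failed password for svc_backup_7f3a9c1e from 10.0.0.77 port 41108",
    '10.0.0.77 - - "POST /api/login HTTP/1.1" 401 key=K9q_x2Vb8ZpL4wTn0RmY6sHc3dJf1aGe',
    "sshd[1100]: Accepted publickey for bob from 10.0.0.13 port 50130",
]


def demo() -> List[Tuple[int, str]]:
    """Scan the constructed logs and print the alert; returns the hits."""
    hits = scan_logs(SAMPLE_TOKEN, SAMPLE_LOGS)
    print(alert_message(SAMPLE_TOKEN, hits))
    return hits


if __name__ == "__main__":
    demo()
```

Only the three lines that carry the decoy values are flagged; the genuine logins for alice and bob are ignored. Because the decoy is never used by any real process, the alert needs no tuning and gives the defender the early reconnaissance signal the slides describe, with the source address (10.0.0.77 in the constructed sample) as the starting point for triage.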
  • 87. Tokens Tokens - In general, a token is an object that represents something else, such as another object (either physical or virtual), or an abstract concept. In computer systems, there are a number of types of tokens, both hardware and software In human terms, a token of trust can exist between two parties with such levels of trust reinforced through personal introductions with other parties A token generation & management platform, designed specifically for high security multi-services in public and private clouds, greatly enhances trustworthy information handling
  • 88. Identification with Passwords Any directory service or management platform holding passwords becomes a target for attackers seeking to steal credentials Passwords are fundamentally flawed:  Often easy to guess  Are reused across different services  Are written down or stored or shared  Can be intercepted  Are expensive to maintain  29% of all cybercrime is from stolen passwords
  • 89. Identification WITHOUT Password The Problem  The password has outlived its usefulness Secure Cloudlink’s Response  Patented and highly secure tokenised message management solution assures password redundancy  User credentials are not transmitted, stored or replicated  Secure digital services - a snap for the user Randomised, encrypted key generation – no consistent key to be stolen
  • 91. Immediate Low-risk Considerations People protection: Continuous interactive education on the threats & risks posed by cyber-criminals through the deployment of Phish5 email phishing simulations with supporting education processes Network hardening: Rapid deployment of customisable, low-cost, capex-free Canary honeypots throughout the strategic points on the network Access & authorisation protection: Review and assess the usage & costs (direct/indirect) of passwords in your own organisation – test the results against Secure Cloudlink Information handling assurance: Regular external, expert assessment & audit of network, data governance practices and procedures
  • 92. Security Through Obscurity Warfare - The Social Threat Attack Surface, Attribution, Residency, Deniability - Livingroom to Boardroom Honeypots & Tokens – Evolution Mimicked Identification and Authorisation – New Pathway
  • 93. Thank you Trust in “THIS” Security through Obscurity Ray Dalgarno ray@cybercast.co
  • 94. New and evolving forms of malware Mark Olding, Senior Enterprise Presales Consultant, Kaspersky Labs
  • 95. The what, how, who and why of computer malware Mark Olding Senior Enterprise Presales Consultant
  • 96. THE SCALE OF THE THREAT 1 NEW VIRUS EVERY HOUR 1994 1 NEW VIRUS EVERY MINUTE 2006 1 NEW VIRUS EVERY SECOND 2011 310,000 NEW SAMPLES EVERY DAY 2016
  • 97. 90% 9.9% 0.1% Targeted attacks Advanced persistent threats Traditional cybercrime Targeted threats to organizations Cyber-weapons THE NATURE OF THE THREAT
  • 98. TRENDS AND THREATS Internet of Things Big Data Fragmentation of the internet Cloud & Virtualization Consumerisation & Mobility Critical Infrastructure at risk Increasing online commerce Privacy & Data protection challenge Online banking at risk Mobile threats Decreasing costs of APTs Merger of cyber crime and APTs Supply chain attacks Internet of Things Targeting hotel networks Ransomware programs Cyber mercenaries Massive data leaks Malware for ATMs Financial phishing attacks Attacks on PoS terminals Threats to Smart Cities ‘Wipers’ & Cyber-sabotage Targeted Attacks
  • 99. HOW MALWARE SPREADS USB sticks Email Exploit kits Social Networks
  • 101. WEB-BASED THREATS Kaspersky Lab discovered 798,113,087 web attacks in 2015 25 attacks per second 1,518 attacks per minute 2.1 million attacks per day 91,000 attacks per hour
  • 107. CONSUMER THREATS IN 2015 [Chart: number of users attacked, y-axis “Users”] 2 MILLION ATTEMPTS In 2015, Kaspersky Lab solutions blocked attempts to launch malware capable of stealing money via on-line banking on almost 2 million computers This number is 2.8% higher than in 2014
  • 111. Advanced Persistent Threats Stuxnet Duqu Gauss Flame MiniFlame Kimsuky NetTraveler Winnti Icefog RedOctober Miniduke TeamSpy Energetic Bear/Crouching Yeti Epic Turla Careto/The Mask Regin CosmicDuke Darkhotel Spring Dragon Satellite Turla MsnMM Campaigns Darkhotel Part 2 Animal Farm Equation Desert Falcons Carbanak Sofacy Hellsing Naikon Duqu 2.0 Blue Termite Wild Neutron We discover and dissect the world’s most sophisticated malware
  • 112. HOW THE CARBANAK CYBERGANG STOLE $1bn A targeted attack on a bank 1. Infection Carbanak sent backdoor as an attachment Bank employee Emails with exploits Credentials stolen 100s of machines infected In search of admin PC 2. Harvesting Intelligence Intercepting the clerk’s screen Admin REC 3. Mimicking the staff CASH TRANSFER SYSTEMS How the money was stolen Online Banking Money was transferred to the fraudsters’ accounts E-Payment Systems Money was transferred to banks in China and the US Inflated account balances The extra funds were pocketed via a fraudulent transaction Controlling ATMs Orders to dispense cash at a pre-determined time
  • 113. MAC MALWARE In 2012, the Flashback botnet was discovered, consisting of 700,000 computers all running under Mac OS X Cybercriminals repeatedly use Mac malware when launching targeted attacks Macs can unknowingly pass PC malware onto PCs in your network
  • 114. MAC MALWARE [Chart: malicious OS X samples per year, 2003–2015, y-axis “Malware”] Since 2012 the proportion of adware on OS X has increased fivefold (x5) Kaspersky Lab recorded almost 6 million unique attacks on Mac devices in 2015 There are more than 24,000 samples of malicious OS X files in Kaspersky Lab’s collection
  • 117. RIGHT NOW • Evaluate the risks • Patch OS and applications • Manage your network • Secure your systems  Multi-layered protection  Not just endpoints  Default-Deny  Encrypt  Don’t forget mobile • Educate staff
  • 118. TOMORROW • Stop fire fighting  Create a strategy • It’s bigger than IT • Delegate to experts  Assessment  Incident response  Analysis
  • 119. FUTURE PROSPECTS • ‘The end of APTs’ • Alternative payment systems and stock exchange • Sabotage, extortion and shame • Ransomware • Trusted resources • From ‘APT-as-a-Service’ to ‘Access-as-a-service’ • Balkanisation • Transportation • ‘Crypto-apocalypse’
  • 121. Closing keynote address Vicki Gavin, Compliance Director, Head of Business Continuity & Information Security The Economist Group