Tech Refresh - The Future of Cybersecurity

•

1 like•249 views

Dive into the big picture of how technological advancements directly impact the future security landscape. More convenience and availability shouldn’t equal more risk. Along the way, we will explore how cybersecurity is impacting developments in technology and why security is more important than ever. We will end the segment with specific ways to help you protect yourself and your organization from evolving threats. By JACOB LEHMANN Managing Director and Founder CyZEn BEN SONDGEROTH Vice President Security Architect

Technology

Benjamin Sondgeroth, MS, CISSP
● Red Teamer
● Security Architect
● Meetup Co-Organizer
● Family Man
● Motorcyclist

Jake Lehmann, Managing Director of CyZen.io
● Red Teaming, Incident Response, and
Managed Services Consultant
● Dad of Troy, Frenchie, and Pug!
● Former Cybersecurity govt contractor
● Long time gamer
● Side projects include Long Island BSides and
Long Island Beer and Cybersecurity

Our Lives at a Rapid Pace
● Blurred Lines
● IoT - Smart Devices
● Cloud Services
● Machine Learning/AI
● Healthcare and Biometrics
● Blockchain
● Data Privacy
https://pixabay.com/illustrations/artificial-intelligence-brain-think-3382507/

Landscape
https://www.cybersecurity-insiders.com/trending-cybersecurity-news-headlines/

Tesla Hack
https://www.flickr.com/photos/raneko/15869504139

Managed Services vs In-House
https://commons.wikimedia.org/wiki/File:NSOC-2012.jpg

Automation
● Level 1 Work Changes
● Lift and Shift of Skills
● The Long Term Human Element
● Don’t Be Lazy
https://commons.wikimedia.org/wiki/File:Factory_Automation_Robotics_Palettizing_Bread.jpg

Predictions
● Vuln management and patching
● Real world AI
● User Behavior Analytics
● Blockchain
● Continued Tech Reliance
● Social Engineering
https://upload.wikimedia.org/wikipedia/commons/9/96/How_cybercriminals_are_infecting_and_contr
oliing_C-and-c-servers%3F.png

Tips for Success
● NETWORKING NETWORKING NETWORKING
● Step Outside the Echo Chamber
● Soft Skills
● Understand the Business
● Small Improvements Add Up

Personal Hygiene
● Mind your Authentication (MFA, Password, etc…)
● Password Managers
● Be Vigilant and Paranoid!
● Monitor alerts and accounts
● Use Encryption
● Enable Patching and Change Defaults
● Be careful posting on social media.
● Know where your data is.

Helpful Links
Have I Been Pwned? https://haveibeenpwned.com/
Lastpass: https://www.lastpass.com/
Center for Internet Security (CIS): https://www.cisecurity.org/cybersecurity-best-practices/
National Institute of Standards and Technology (NIST) Cybersecurity Framework:
https://www.nist.gov/cyberframework
National Cyber Security Center (UK): https://www.cyberaware.gov.uk/support-us
FBI Safe Online Surfing Program: https://sos.fbi.gov/

Neotys organized its first Performance Advisory Council in Scotland, the 14th & 15th of November. With 15 Load Testing experts from several countries (UK, France, New-Zeland, Germany, USA, Australia, India…) we explored several theme around Load Testing such as DevOps, Shift Right, AI etc. By discussing around their experience, the methods they used, their data analysis and their interpretation, we created a lot of high-value added content that you can use to discover what will be the future of Load Testing. You want to know more about this event ? https://www.neotys.com/performance-advisory-council

EMFcamp2022 - What if apps logged into you, instead of you logging into apps?

Chris Swan

As a hacker and engineer I've been interested in identity and privacy since the dawn of the Internet and the online services it's enabled. For the past year I've been helping to build and open source The @ Platform, which inverts the usual model by giving everybody (and every thing) their own place to store data and control who (and what) has access to it. This talk will give an overview of the platform and its underlying protocol, and illustrate how it can be used to build privacy preserving apps and Internet connected things. It will also cover how the platform can be self hosted on devices like the Raspberry Pi, and how people can get involved in the open source community growing around it.

In the Cybersecurity for Executives Certificate Program at USF Muma College of Business you’ll learn a whole new vocabulary; attack surface, the Dark Web, DDOS, zombie drones, ransomware. As you study organizations who were victims of preventable cyber attacks (Target, Bank of America, Lockheed Martin, NSA), you’ll see how they detected and reacted to a breach both effectively and non-effectively. Learn how top companies dealt with the unexpected effects of an attack, how they recovered, and what additional layers of defense they’ve added to prevent cyber attacks in the future.

Pandangan teknologi masa depan dan peluang terciptanya aplikasiWhisnu Sucitanuary

Palvelut ja uusi teknologia tuomassa tasapainoa työhön ja vapaa-aikaan

Pete Nieminen

SPSUK2013 - Matt Groves - Cloud Readiness

Matt Groves

The future work force in the ICT industry and why you need to act now

Joshua Nomwesigwa

OS17 BrochureDominic Vogel

MongoDB, ANTS, and the IC

MongoDB

Cleared Job Fair Job Seeker Handbook May 24, 2018, BWI, MD

ClearedJobs.Net

Supercharged graph visualization for cyber security

Cambridge Intelligence

Using KeyLines 3.0 to visualize your cyber data at scale Cyber security analysts face data overload. They work with information on a massive scale, generated at millisecond levels of resolution detailing increasingly complex attacks. To make sense of this data, analysts need an intuitive and engaging way to explore it: that’s where graph visualization plays a role. During this session, Corey will show examples of how graph visualization can help users explore, understand and derive insight from real-world cyber security datasets. You will learn: • How graph visualization can help you extract insight from cyber data • How to visualize your cyber security graph data at scale using WebGL • Why KeyLines 3.0 is the go-to tool for large-scale cyber graph visualization. This session is suitable for a non-technical audience.

IoT Security: Cases and Methods [CON5446]

Leonardo De Moura Rocha Lima

In developing for IoT, security is not often the highest priority: APIs exposed without care and devices deployed with default passwords become gateways to your network and your data. Many best practices can be used to thwart attacks on your devices, but they have to be thought through from the first architectural design. This session covers many recent IoT attacks, their consequences, and how they could have been prevented. It also explores the many security levels one device can have, from totally exposed to completely secured against physical tampering and identity theft.

The digital future 2020

Karthikeyan NG

ieeecompsoc-180814120838.pptx

WalidMG1

Web 3.0 – From Buzzword to Security with Schellman

saastr

Douglas Barbin, Managing Principal & Chief Growth Officer @ Schellman Avani Desai, CEO @ Schellman Blockchain, Cryptocurrency, NFTs, DigitalID, etc. There are lots of topics out there that capture the public’s attention and technology professionals at the same time. The goal of this presentation is to provide a basic understanding of core web 3.0 technologies including blockchain(s) and the role of identity management in a more decentralized computing environment. No buzzwords, no long-winded explanations, just real use- cases and perspectives on where SaaS providers should focus their attention in this emerging space.

Managing Cloud Security Design and Implementation in a Ransomware World

MongoDB

Managing Cloud Security Design and Implementation in a Ransomware World Speaker: Davi Ottenheimer, Senior Director, Product Security, MongoDB Level: Beginner Track: Security .Security is an ever-changing and evolving landscape. Unique features to cloud infrastructure, coupled with threat expansions, begs review of past and current risk management practices. Attendees will hear how and why to evolve security design and implementation to meet novel challenges to confidentiality, integrity and availability in cloud. An overview to set real-world threat context is followed by a dive into high-profile examples, including the mechanics of ransomware attacks. Finally a recommended infrastructure control design will be elaborated for more secure operation of platforms. What You Will Learn: - Cloud threat modeling strategies. - Security control considerations for cloud. - Ransomware mechanics, how to prevent them and respond.

Internet of things - what is really happening

Thor Henning Hetland

Digital Transformation with 2 Speed IT & Agile Scrum

toamitkumar

Welcome to MobModCon #1

Ron Munitz

COMIT Community Day Spring 2019 - Blockchain

Comit Projects Ltd

CompTIA IT Employment Tracker – December 2021

CompTIA

CompTIA IT Employment Tracker – November 2021

CompTIA

Similar to Tech Refresh - The Future of Cybersecurity

Chit Chat Seputar Dunia IT (1).pptx

caghiyadhk

Chuck Brooks Updated Profile: on Homeland Security, Cybersecurity, Emerging T...

Chuck Brooks

Brochure - Cybersecurity for Executives Certificate Program at USF

Jack Koons

Pandangan teknologi masa depan dan peluang terciptanya aplikasiWhisnu Sucitanuary

Palvelut ja uusi teknologia tuomassa tasapainoa työhön ja vapaa-aikaan

Pete Nieminen

SPSUK2013 - Matt Groves - Cloud Readiness

Matt Groves

The future work force in the ICT industry and why you need to act now

Joshua Nomwesigwa

OS17 BrochureDominic Vogel

MongoDB, ANTS, and the IC

MongoDB

Cleared Job Fair Job Seeker Handbook May 24, 2018, BWI, MD

ClearedJobs.Net

Supercharged graph visualization for cyber security

Cambridge Intelligence

IoT Security: Cases and Methods [CON5446]

Leonardo De Moura Rocha Lima

The digital future 2020

Karthikeyan NG

ieeecompsoc-180814120838.pptx

WalidMG1

Web 3.0 – From Buzzword to Security with Schellman

saastr

Managing Cloud Security Design and Implementation in a Ransomware World

MongoDB

Internet of things - what is really happening

Thor Henning Hetland

Digital Transformation with 2 Speed IT & Agile Scrum

toamitkumar

Welcome to MobModCon #1

Ron Munitz

COMIT Community Day Spring 2019 - Blockchain

Comit Projects Ltd

Similar to Tech Refresh - The Future of Cybersecurity (20)

Chit Chat Seputar Dunia IT (1).pptx

Chuck Brooks Updated Profile: on Homeland Security, Cybersecurity, Emerging T...

Brochure - Cybersecurity for Executives Certificate Program at USF

Pandangan teknologi masa depan dan peluang terciptanya aplikasi

Palvelut ja uusi teknologia tuomassa tasapainoa työhön ja vapaa-aikaan

SPSUK2013 - Matt Groves - Cloud Readiness

The future work force in the ICT industry and why you need to act now

OS17 Brochure

MongoDB, ANTS, and the IC

Cleared Job Fair Job Seeker Handbook May 24, 2018, BWI, MD

Supercharged graph visualization for cyber security

IoT Security: Cases and Methods [CON5446]

The digital future 2020

ieeecompsoc-180814120838.pptx

Web 3.0 – From Buzzword to Security with Schellman

Managing Cloud Security Design and Implementation in a Ransomware World

Internet of things - what is really happening

Digital Transformation with 2 Speed IT & Agile Scrum

Welcome to MobModCon #1

COMIT Community Day Spring 2019 - Blockchain

Recently uploaded

Leading Change strategies and insights for effective change management pdf 1.pdf

OnBoard

Essentials of Automations: Optimizing FME Workflows with Parameters

Safe Software

Are you looking to streamline your workflows and boost your projects’ efficiency? Do you find yourself searching for ways to add flexibility and control over your FME workflows? If so, you’re in the right place. Join us for an insightful dive into the world of FME parameters, a critical element in optimizing workflow efficiency. This webinar marks the beginning of our three-part “Essentials of Automation” series. This first webinar is designed to equip you with the knowledge and skills to utilize parameters effectively: enhancing the flexibility, maintainability, and user control of your FME projects. Here’s what you’ll gain: - Essentials of FME Parameters: Understand the pivotal role of parameters, including Reader/Writer, Transformer, User, and FME Flow categories. Discover how they are the key to unlocking automation and optimization within your workflows. - Practical Applications in FME Form: Delve into key user parameter types including choice, connections, and file URLs. Allow users to control how a workflow runs, making your workflows more reusable. Learn to import values and deliver the best user experience for your workflows while enhancing accuracy. - Optimization Strategies in FME Flow: Explore the creation and strategic deployment of parameters in FME Flow, including the use of deployment and geometry parameters, to maximize workflow efficiency. - Pro Tips for Success: Gain insights on parameterizing connections and leveraging new features like Conditional Visibility for clarity and simplicity. We’ll wrap up with a glimpse into future webinars, followed by a Q&A session to address your specific questions surrounding this topic. Don’t miss this opportunity to elevate your FME expertise and drive your projects to new heights of efficiency.

From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...

Product School

Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...

Ramesh Iyer

In today's fast-changing business world, Companies that adapt and embrace new ideas often need help to keep up with the competition. However, fostering a culture of innovation takes much work. It takes vision, leadership and willingness to take risks in the right proportion. Sachin Dev Duggal, co-founder of Builder.ai, has perfected the art of this balance, creating a company culture where creativity and growth are nurtured at each stage.

Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...

Product School

The Art of the Pitch: WordPress Relationships and Sales

Laura Byrne

Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes? All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.

Assuring Contact Center Experiences for Your Customers With ThousandEyes

ThousandEyes

DevOps and Testing slides at DASA Connect

Kari Kakkonen

Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...

UiPathCommunity

💥 Speed, accuracy, and scaling – discover the superpowers of GenAI in action with UiPath Document Understanding and Communications Mining™: See how to accelerate model training and optimize model performance with active learning Learn about the latest enhancements to out-of-the-box document processing – with little to no training required Get an exclusive demo of the new family of UiPath LLMs – GenAI models specialized for processing different types of documents and messages This is a hands-on session specifically designed for automation developers and AI enthusiasts seeking to enhance their knowledge in leveraging the latest intelligent document processing capabilities offered by UiPath. Speakers: 👨‍🏫 Andras Palfi, Senior Product Manager, UiPath 👩‍🏫 Lenka Dulovicova, Product Program Manager, UiPath

Bits & Pixels using AI for Good.........

Alison B. Lowndes

FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf

FIDO Alliance

Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf

91mobiles

When stars align: studies in data quality, knowledge graphs, and machine lear...

Elena Simperl

LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...

DanBrown980551

Do you want to learn how to model and simulate an electrical network from scratch in under an hour? Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)! During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook. PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides: - A fully editable and extendable library for grid component modelling; - Visualization tools to display your network; - Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses; The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well. What you will learn during the webinar: - For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills; - For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.

FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf

FIDO Alliance

Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024

Tobias Schneck

As AI technology is pushing into IT I was wondering myself, as an “infrastructure container kubernetes guy”, how get this fancy AI technology get managed from an infrastructure operational view? Is it possible to apply our lovely cloud native principals as well? What benefit’s both technologies could bring to each other? Let me take this questions and provide you a short journey through existing deployment models and use cases for AI software. On practical examples, we discuss what cloud/on-premise strategy we may need for applying it to our own infrastructure to get it to work from an enterprise perspective. I want to give an overview about infrastructure requirements and technologies, what could be beneficial or limiting your AI use cases in an enterprise environment. An interactive Demo will give you some insides, what approaches I got already working for real.

UiPath Test Automation using UiPath Test Suite series, part 4

DianaGray10

Welcome to UiPath Test Automation using UiPath Test Suite series part 4. In this session, we will cover Test Manager overview along with SAP heatmap. The UiPath Test Manager overview with SAP heatmap webinar offers a concise yet comprehensive exploration of the role of a Test Manager within SAP environments, coupled with the utilization of heatmaps for effective testing strategies. Participants will gain insights into the responsibilities, challenges, and best practices associated with test management in SAP projects. Additionally, the webinar delves into the significance of heatmaps as a visual aid for identifying testing priorities, areas of risk, and resource allocation within SAP landscapes. Through this session, attendees can expect to enhance their understanding of test management principles while learning practical approaches to optimize testing processes in SAP environments using heatmap visualization techniques What will you get from this session? 1. Insights into SAP testing best practices 2. Heatmap utilization for testing 3. Optimization of testing processes 4. Demo Topics covered: Execution from the test manager Orchestrator execution result Defect reporting SAP heatmap example with demo Speaker: Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP

PHP Frameworks: I want to break free (IPC Berlin 2024)

Ralf Eggert

In this presentation, we examine the challenges and limitations of relying too heavily on PHP frameworks in web development. We discuss the history of PHP and its frameworks to understand how this dependence has evolved. The focus will be on providing concrete tips and strategies to reduce reliance on these frameworks, based on real-world examples and practical considerations. The goal is to equip developers with the skills and knowledge to create more flexible and future-proof web applications. We'll explore the importance of maintaining autonomy in a rapidly changing tech landscape and how to make informed decisions in PHP development. This talk is aimed at encouraging a more independent approach to using PHP frameworks, moving towards a more flexible and future-proof approach to PHP development.

Search and Society: Reimagining Information Access for Radical Futures

Bhaskar Mitra

The field of Information retrieval (IR) is currently undergoing a transformative shift, at least partly due to the emerging applications of generative AI to information access. In this talk, we will deliberate on the sociotechnical implications of generative AI for information access. We will argue that there is both a critical necessity and an exciting opportunity for the IR community to re-center our research agendas on societal needs while dismantling the artificial separation between the work on fairness, accountability, transparency, and ethics in IR and the rest of IR research. Instead of adopting a reactionary strategy of trying to mitigate potential social harms from emerging technologies, the community should aim to proactively set the research agenda for the kinds of systems we should build inspired by diverse explicitly stated sociotechnical imaginaries. The sociotechnical imaginaries that underpin the design and development of information access technologies needs to be explicitly articulated, and we need to develop theories of change in context of these diverse perspectives. Our guiding future imaginaries must be informed by other academic fields, such as democratic theory and critical theory, and should be co-developed with social science scholars, legal scholars, civil rights and social justice activists, and artists, among others.

The Future of Platform Engineering

Jemma Hussein Allen

Recently uploaded (20)

Leading Change strategies and insights for effective change management pdf 1.pdf

Essentials of Automations: Optimizing FME Workflows with Parameters

From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...

Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...

Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...

The Art of the Pitch: WordPress Relationships and Sales

Assuring Contact Center Experiences for Your Customers With ThousandEyes

DevOps and Testing slides at DASA Connect

Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...

Bits & Pixels using AI for Good.........

FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf

Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf

When stars align: studies in data quality, knowledge graphs, and machine lear...

LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...

FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf

Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024

UiPath Test Automation using UiPath Test Suite series, part 4

PHP Frameworks: I want to break free (IPC Berlin 2024)

Search and Society: Reimagining Information Access for Radical Futures

The Future of Platform Engineering

Tech Refresh - The Future of Cybersecurity

1. The Future of Cybersecurity

2. Benjamin Sondgeroth, MS, CISSP ● Red Teamer ● Security Architect ● Meetup Co-Organizer ● Family Man ● Motorcyclist

3. Jake Lehmann, Managing Director of CyZen.io ● Red Teaming, Incident Response, and Managed Services Consultant ● Dad of Troy, Frenchie, and Pug! ● Former Cybersecurity govt contractor ● Long time gamer ● Side projects include Long Island BSides and Long Island Beer and Cybersecurity

4. Our Lives at a Rapid Pace ● Blurred Lines ● IoT - Smart Devices ● Cloud Services ● Machine Learning/AI ● Healthcare and Biometrics ● Blockchain ● Data Privacy https://pixabay.com/illustrations/artificial-intelligence-brain-think-3382507/

5. Landscape https://www.cybersecurity-insiders.com/trending-cybersecurity-news-headlines/

6. Who Is Doing the Attacking

7. Tesla Hack https://www.flickr.com/photos/raneko/15869504139

8. Managed Services vs In-House https://commons.wikimedia.org/wiki/File:NSOC-2012.jpg

9. Automation ● Level 1 Work Changes ● Lift and Shift of Skills ● The Long Term Human Element ● Don’t Be Lazy https://commons.wikimedia.org/wiki/File:Factory_Automation_Robotics_Palettizing_Bread.jpg

10. Predictions ● Vuln management and patching ● Real world AI ● User Behavior Analytics ● Blockchain ● Continued Tech Reliance ● Social Engineering https://upload.wikimedia.org/wikipedia/commons/9/96/How_cybercriminals_are_infecting_and_contr oliing_C-and-c-servers%3F.png

11. Tips for Success ● NETWORKING NETWORKING NETWORKING ● Step Outside the Echo Chamber ● Soft Skills ● Understand the Business ● Small Improvements Add Up

12. Personal Hygiene ● Mind your Authentication (MFA, Password, etc…) ● Password Managers ● Be Vigilant and Paranoid! ● Monitor alerts and accounts ● Use Encryption ● Enable Patching and Change Defaults ● Be careful posting on social media. ● Know where your data is.

13. Helpful Links Have I Been Pwned? https://haveibeenpwned.com/ Lastpass: https://www.lastpass.com/ Center for Internet Security (CIS): https://www.cisecurity.org/cybersecurity-best-practices/ National Institute of Standards and Technology (NIST) Cybersecurity Framework: https://www.nist.gov/cyberframework National Cyber Security Center (UK): https://www.cyberaware.gov.uk/support-us FBI Safe Online Surfing Program: https://sos.fbi.gov/

14. Questions?

Tech Refresh - The Future of Cybersecurity

Recommended

Recommended

More Related Content

Similar to Tech Refresh - The Future of Cybersecurity

Similar to Tech Refresh - The Future of Cybersecurity (20)

More from CompTIA

More from CompTIA (20)

Recently uploaded

Recently uploaded (20)

Tech Refresh - The Future of Cybersecurity