Go Secure October 20, 2015 East Port Meeting and Event Center
|
|
- Elfreda Day
- 5 years ago
- Views:
Transcription
1 Go Secure October 20, 2015 East Port Meeting and Event Center
2 Today s Agenda 8:30 Sign in, light breakfast, seating 9:00 Welcome Emerging Threats, Trends, and News CIAN CEO 9:30 Collating Your Log Activity LogRhythm 10:30 Break 10:45 Is There a Man in the Middle of Your Network? CIAN Eng 11:00 Pwning Home and Network Scanning CIAN Eng 11:30 Lunch 12:00 Choosing the Right Wireless PacketPower 1:00 If It Quacks Like a Duck - CIAN Eng 1:30 Who Lives in A Pineapple Under Your Desk? CIAN Eng 2:00 Break 2:15 What s Hovering Overhead? CIAN Eng 2:45 Closing remarks, Q&A, Networking
3 Welcome Logistics CIAN Emerging Threats This Year s Hacks and News Infrastructure Threat Technology Disruptions Let s Dig Deeper Analyze don t accept Llamas and turtles and duckies oh, my!
4 Let s Go Shopping!
5
6 Cool Security Sites COOL SITES Apps: NewsFusion (Security Feeds) PodCasts: SANS Institute PodCasts: CERT PodCast: Security for Business Leaders
7 LogRhythm Overview Richard Patrick, Sales Engineer
8 The LogRhythm Difference Focus Innovation Holistic Threat Analytics End-to-End Threat Lifecycle Management Platform Scalability & Flexibility Customer Commitment & Rapid Time to Value
9 Is There a Man in the Middle of Your Network? Covert systems administration and penetration tool Use of SSH software such as PuTTY, or through SSH on Linux Remote Access Network Intelligence Man-in-the-Middle LAN TURTLE
10 Covertly installed to provide remote access to the whole network. Surreptitiously installed to poison DNS Secretly installed to intercept and log web traffic Exfiltration of shared data from within the host LAN to an outside SSH filesystem Act as an OpenVPN Gateway Quickly initiate an automated map Provide a persistent reverse shell over SSH Masquerade as a legitimate USB Ethernet adapter Man in the Middle
11 MANY Ways to Get a Device Installed Within a Network Covertly installed in an available USB port on the back of a desktop computer Concealed in a network closet Concealed in a telephone room Concealed in a server rack Man in the Middle
12
13 IoT = Insecurity of Things Internet of Things (IoT) - network of physical objects embedded with electronics, software, sensors, and network connectivity Enables these objects to collect and exchange data Allows objects to be sensed and controlled remotely Creates opportunities for more direct integration Completely changed creating potential for a great deal of insecurity Networks are being bombarded with hundreds of devices Interact Track Monitor Simplify
14 Laptops and Tablets Mobile Phones Printers, Scanners, Fax Routers, Switches, Servers Thermostat Monitoring Bluetooth Devices Fitness / Wellness Monitors Music Devices Lighting Controls Home Security Devices Baby Monitors TV s / DVD s Players Home Automations Smart Scales / Body Analyzers Smart Watches Sleep Tracking Devices Drones Wi-Fi Cameras Smart Cooking Devices Smart Appliances Smart Locks Smart Weather Stations Smart Clothing Audio Recording Devices Smart Glasses Plant Health Trackers Activity Trackers Credit Card POS Devices Key Tracking Vehicle Tracking Vehicle Wi-Fi AND SO MANY MORE
15 Risks Associated with Today s Internet of Things in Business The following are the most significant* Extensive number of important and concerning findings regarding IoT within businesses 1. IoT devices are actively penetrating regulated industries (healthcare, energy infrastructure, government, financial services, and retail) 2. Three principal risks a) Introduce new avenues for potential remote exploitation b) The infrastructure to enable is beyond both the user and IT s control c) IT often has a casual approach leaves unmonitored and unpatched *Source: OpenDNS Study The 2015 Internet of Things in the Enterprise Report
16 Risks Associated with Today s Internet of Things in Business (Cont d) 3. Fitbit, Western Digital My Cloud devices, Samsung Smart TVs, and others continuously beacon out to servers in the US, Asia, and Europe even when not in use. 4. External hard drives the most prevalent IoT endpoints observed. Devices are actively transferring data to insecure cloud servers. 5. Survey of more than 500 IT and security professionals found that 23 percent of respondents have no controls in place to prevent someone from connecting unauthorized devices to their company s networks.
17 Notable Internet of Things Breaches Remember the TARGET Breach in 2013? Access was gained through the use of credentials stolen from an HVAC contractor who had remote access into Targets network. TAKE AWAY Even the simple things like heating and cooling can lead to potential breaches
18 SnapChat The SnapChat million users. Website allows users save Snapchat photos and videos Hack exposed over 200,000 images and videos
19 Personal information 145 million users Databases were accessed by using employee login details to get into the corporate system
20 Do you use Apple s icloud? Loophole in the icloud system - using third-party software to access icloud backup accounts. Has been repaired through the use of dual-factor authentication Targeted celebrities but future loopholes will target? Government, Businesses, YOU?
21 Shellshock Bash Mac OS X, Linux, and Unix systems - potential to remotely execute commands to computers, devices, and websites Interpreter carries out commands on laptops, routers, websites- potential to put hundreds of millions of devices at risk Hackers went to work quickly to check out who was vulnerable Many companies patched immediately Bash bug still has potential Don't panic patching available Protect yourself by updating your computers and devices with the latest firmware.
22 Are Your Mobile Devices Safe? Cybercriminals Are Taking Notice More people than ever are using smartphones and tablets Revenue = more threats on sensitive transactions such as online shopping and banking
23 Securing Your Internet of Things Knowledge Security Vigilance Resilience
24 Social Media Targeting is on the RISE Cybercriminals strive to learn our interests, gain our trust, and masquerade as friends Socially engineered attacks hard to spot until the damage is done Social Networking Facebook, Google+, Linkedin, Twitter Content Sharing Pinterest, Facebook, Dropbox, Google Drive Location-based Services Foursquare, Google Latitude, Facebook, Gowalla
25 Risks to Business Ignoring the fact that Social Media poses a risk (account hijacking, unauthorized account access, content-based threats) Malware Attacks, Network Breaches, Intellectual Property Theft, Leakage of Sensitive Business Information, Hijacking of Websites and Social Media Accounts, and MANY MORE!! Educate your employees of the risks of Social Media, and the damages that can occur
26 Change Employee Behavior 1. Create, implement, and reinforce policies on acceptable use of social media 2. Promote the use of strong passwords 3. Reinforce network monitoring and data protection policies 4. Choose browsers with high malware block rates 5. Be careful what is posted on LinkedIn Specifically: 1. Employee education program on acceptable use of social media 2. Tell Employees of acceptable things to say on social networking sites about the company 3. Tailor the education program to meet the security knowledge level of your employees 4. Show employees how to recognize current scams and phishing websites, , phone calls, etc. 5. Fully explain the consequences of failure to follow company policies on use of social media 6. Be very clear: jobs are at risk for those who violate the corporate code of conduct for privacy, client confidentiality and intellectual property.
27 Third Party Attacks IT Support Call Scams Targeted Spear Phishing Attacks to small groups within your company V-phishing Attacks
28 Passwords Educate! Strong passwords AND keeping passwords safe SOLUTION: Password Manager Store login credentials safely Store credit card # securely Avoid password cloud based managers Back up your password manager files and reset key RECOMMENDED Program KeePass Free Open-Source password manager. The source code is constantly being audited by the public making it an extremely secure
29 Cloud Based Password Manager Hacked! In June of 2015 LastPass the victim of a cyberattack Compromised addresses, password reminders, server per user salts, authentication hashes, and potentially passwords The company said it believed its encryption measures would protect most users Just one more reason NOT to use a cloud based Password Manager
30 PWNING HOME
31 hoosing the Right ireless for your Data enter GoSecure 2015 APRIL 2015
32 About Packet Power Founded in 2008 Based in Minneapolis, MN Global partner network Customers on 6 continents Over 30,000 monitoring units deployed Packet Power 2015 Packet Power
33 What we do Power monitoring Environmental monitoring Software Packet Power 2015 Packet Power
34 The Data Center Challenge Significant amounts of radio signal impedance Metal, floor tiles, room dividers, etc. Unusually high amount of radio interference Servers, switches Ability to support small or large networks spanning multiple locations Tremendous focus on security Isolation of networks Changes in network topology due to growth No Wifi Policies Packet Power 2015 Packet Power
35 Wireless Checklist Secure Out-of-band Invisible Scalable and Robust Simple to Manage Built for Monitoring Applications Packet Power 2015 Packet Power
36 Secure Encryption is not a complete solution Encryption does not protect from: Packet Power 2015 Breaches by careless insiders Breaches by Malicious outsiders DATA EXPOSURE is the real risk to consider Limit/eliminate the information available Packet Power
37 Out-of-band Independent of your or your customers network Impossible to access any business data Use physically distinct transport protocol Different physical radio systems Frequencies Uni-directional (read only) Packet Power 2015 Packet Power
38 Invisible Avoid networks that easily are detectable using consumer-grade tools Wifi Zigbee Bluetooth Secure networks still subject to disruption or Denial-of-Service (DOS) attacks Packet Power 2015 Packet Power
39 Scalable and Robust Tens to thousands of monitoring points Network performance maintained with growth Optimized for tough data center and IT environments Packet Power 2015 Packet Power
40 Simple to Manage Eliminating Network Management Specialists Ability to act on all devices in parallel Individual device configuration is prohibitively time consuming 1 minute per device on 1000 devices = 17 hours!!! Packet Power 2015 Packet Power
41 Built for Monitoring Demand for monitoring at all levels is growing Must support all types of monitoring devices: Mains powered devices, battery powered devices, parasitically powered devices Ability to monitor devices locked in radioshielded enclosures Creates network traffic and topology patterns not encountered or considered by generic protocols Packet Power 2015 Packet Power
42 Summary Traditional wireless networks (Wi-fi, Zigbee, Bluetooth) are not well suited for challenging data center environments Packet Power 2015 Easy to detect Change infrequently Utilize the same protocols as corporate and consumer data networks Work in radio environments with limited, relatively stable interference Packet Power
43 Packet Power s Approach Make it easy and affordable to obtain power and environmental information where it is of value Providing a wireless monitoring network that meets the data center challenges while being: Secure Simple Scalable Robust Flexible Cost-Effective Packet Power 2015 Packet Power
44 Packet Power Network Basic Mesh Technology Purpose Built-Protocol Solely power and environmental data, network management info Communicates over MHz and 2.4 GHz frequencies Longer wavelengths Navigate high-interference environments better than traditional Certified for use around the globe Packet Power 2015 Packet Power
45 Basic Mesh Technology Utilize a spread-spectrum frequency-hopping wireless mesh radio network: Increases installation flexibility (physical layout) More resilient network Radio frequency subdivided into multiple channels Greatly reduces odds of creating or incurring interference Dynamic Routing Scans network for most optimal path Packet Power 2015 Packet Power
46 Secure Two things: Protection and Prevention Offer full encryption AES-128 for over-the-air Distinct encryption keys can be used to any device(s) Network is less obvious and less attractive target than traditional network technologies Packet Power 2015 Packet Power
47 Secure (Continued) Transmit only mundane information Power, Environmental, Time, GUID, Firmware Designed to prevent it from being used as a platform for intrusion Communication is limited in scope to monitoring information and network performance IP (wired) data is separated from on-air (wireless) data Ethernet Gateway does not broadcast, data must be pulled Packet Power 2015 Packet Power
48 Secure (Continued) Impossible to gain access to a customer s IP network via Ethernet Gateway Ability to implement entire network out of band and isolated from the rest of IP network Network designed has allowed us to pass stringent network security tests at large financial institutions Packet Power 2015 Packet Power
49 Simple Network No pre-installation required Self-forming network Optimizes performance with every transmission Automatically adapts to number of devices on the network Preparation No cable drops, switch port allocation, IP address assignment, network configuration No need to remove existing equipment Packet Power 2015 Packet Power
50 Scalable Designed for growing environments using the mesh design, dynamic routing and purpose-built protocol Simply add devices to the system and they automatically adapt Firmware-Upgrades are over the air without disruption Ability to segregate via wireless network isolation Packet Power 2015 Packet Power
51 Robust Designed for tough conditions Contends with metal and noise long wavelengths multiple paths small transmissions dynamic routing Works for big and small installs Packet Power 2015 Packet Power
52 Flexible Monitor where you want servers, branch circuits, PDUs, panels, switchgear low, medium and high-density tracking Mix and match as you see fit Grow easily over time Fully open and vendor neutral Packet Power 2015 Packet Power
53 Cost Effective Hardware low price per unit no need to run cables or remove existing devices use your existing software Software low total cost instant access to information no need for expensive consultants Shortest time to value Packet Power 2015 Packet Power
54 Packet Power Power monitoring Environmental monitoring Software Packet Power 2015 Packet Power
55 Facility-wide power monitoring Device, branch circuit and mains metering AC and DC Wide range of form factors New build and retrofit Primary uses cost allocation operations management energy efficiency Packet Power 2015 Packet Power
56 Product line Smart power cables S models: 1-phase circuits from 10 to 32 R models: 1-phase > 32A, 3-phase from 15 to 100A Panel monitoring panel infeed circuits or selective branch circuits switchgear, MDPs, RPPs, floor PDUs Current-only monitoring at tap off box 48V and 380V DC monitoring Integrated power strips, busways and whips Packet Power 2015 Packet Power
57 Retrofit: educate a power strip No better way to make a basic PDU into a smart PDU Saves time and money Uniform metering solution across different vendors Packet Power 2015 Packet Power
58 48V Direct Current Monitoring Wireless power monitors Integrated 35 and 65 amp CTs External A solid- or splitcore CTs Small size 35 x 35 mm base DIN rail or tabbed base for screw mounting also available Powered from 35 to 60V source ± 1% accuracy at % of range Packet Power 2015 Packet Power
59 New build: minimize metering costs Lower costs by using Packet Power monitors built into Overhead busways Rack power strips Underfloor whips Monitor input circuits at panels to track high-level usage Smart power cables make it easy to add monitoring over time Packet Power 2015 Packet Power
60 Match environmental monitoring to needs Vary cabinet-level monitoring cool rack = one or 2 probes hot rack = 6 probes Easily track performance containment systems floor tile changes plenum temperature and pressure CRAC intake and output humidification Verify compliance with SLAs probe location Packet Power 2015 Packet Power
61 Flexible environmental monitoring E306-1 to 6 temperature points per unit AC power or PoE with splitter E312-1 to 12 temperature points per unit 2 x AA battery or optional AC power Temperature probe choices individual probes - 1 to 15 meters probe assemblies - 1, 2, 3, 4 or 6 probes / cabinet Option for relative humidity and differential pressure Packet Power 2015 Packet Power
62 Instant information from EMX Get immediate value data automatically flows on install no external consultants needed customize when and as you see fit Real-time alerts Flexible reporting Cloud service or local software Works with non-packet Power monitors Packet Power 2015 Packet Power
63 Sophisticated monitoring made easy Simple Easy to install Easy to get the data Easy to manage configures itself Robust adapts to changes grows easily optimizes performance Secure Designed for tough conditions Contends with a lot of metal and noise long wavelengths ~ 900 MHz multiple paths small transmissions dynamic routing Works for big and small Flexible installs Hardware low price per unit no need to run cables or remove existing devices use your existing software Software low total cost Instant access to information no need for expensive consultants works with existing monitoring units Shortest time to value Complete Cost-effective Separate from primary networks Limited, purpose-built protocol Wireless / wired separation Data is pulled on wired network Sub-divide wireless networks Encryption Monitor where you want servers, branch circuits, PDUs, panels, switchgear low, medium and high-density tracking Mix and match as you see fit Grow easily over time Fully open and vendor neutral works on any vendors hardware send data from our monitors to other software use data from other monitors in our software Power monitoring Environmental monitoring Software Packet Power 2015 Packet Power
64 Proven worldwide Packet Power 2015 Packet Power
65 Monitoring Made Easy Thank you APRIL 2015
66 DEMO Rubber Ducky
67 DEMO
68 DEMO
Monitoring Made Easy. October 2015 APRIL 2015
Monitoring Made Easy October 2015 APRIL 2015 About Packet Power Founded in 2008 Based in Minneapolis, MN Global partner network Customers on 6 continents Over 30,000 monitoring units deployed 2 Our goal
More informationWIRELESS ENVIRONMENTAL MONITORS
Packet Powers compact wireless Environmental Monitors makes it easy and affordable to monitor all environmental conditions in your facility. From installation to monitoring in minutes 1 Place wireless
More information10 FOCUS AREAS FOR BREACH PREVENTION
10 FOCUS AREAS FOR BREACH PREVENTION Keith Turpin Chief Information Security Officer Universal Weather and Aviation Why It Matters Loss of Personally Identifiable Information (PII) Loss of Intellectual
More informationPRACTICING SAFE COMPUTING AT HOME
PRACTICING SAFE COMPUTING AT HOME WILLIAM (THE GONZ) FLINN M.S. INFORMATION SYSTEMS SECURITY MANAGEMENT; COMPTIA SECURITY+, I-NET+, NETWORK+; CERTIFIED PATCHLINK ENGINEER ENTERPRISE INFORMATION SYSTEMS
More informationSECURING DEVICES IN THE INTERNET OF THINGS
SECURING DEVICES IN THE INTERNET OF THINGS WHEN IT MATTERS, IT RUNS ON WIND RIVER EXECUTIVE SUMMARY Security breaches at the device level in the Internet of Things (IoT) can have severe consequences, including
More informationAchieving End-to-End Security in the Internet of Things (IoT)
Achieving End-to-End Security in the Internet of Things (IoT) Optimize Your IoT Services with Carrier-Grade Cellular IoT June 2016 Achieving End-to-End Security in the Internet of Things (IoT) Table of
More informationSECURING DEVICES IN THE INTERNET OF THINGS
SECURING DEVICES IN THE INTERNET OF THINGS EXECUTIVE SUMMARY Security breaches at the device level in the Internet of Things (IoT) can have severe consequences, including steep financial losses, damage
More informationWireless Best Kept Secret For Now
Wireless Best Kept Secret For Now IoT Event June 2014 Gilles Thonet Managing Director Europe, ZigBee Alliance 2014 ZigBee Alliance. All rights reserved. 1 ZigBee Alliance at 10 Years Who we are Open, global,
More informationChapter 11: Networks
Chapter 11: Networks Devices in a Small Network Small Network A small network can comprise a few users, one router, one switch. A Typical Small Network Topology looks like this: Device Selection Factors
More informationProtect Yourself Against VPN-Based Attacks: Five Do s and Don ts
White Paper Protect Yourself Against VPN-Based Attacks: Five Do s and Don ts Don t let stolen VPN credentials jeopardize your security March 2015 A TECHTARGET WHITE PAPER Most IT professionals take for
More informationSecuring Devices in the Internet of Things
AN INTEL COMPANY Securing Devices in the Internet of Things WHEN IT MATTERS, IT RUNS ON WIND RIVER EXECUTIVE SUMMARY Security breaches at the device level in the Internet of Things (IoT) can have severe
More informationData Security and Privacy : Compliance to Stewardship. Jignesh Patel Solution Consultant,Oracle
Data Security and Privacy : Compliance to Stewardship Jignesh Patel Solution Consultant,Oracle Agenda Connected Government Security Threats and Risks Defense In Depth Approach Summary Connected Government
More informationmhealth SECURITY: STATS AND SOLUTIONS
mhealth SECURITY: STATS AND SOLUTIONS www.eset.com WHAT IS mhealth? mhealth (also written as m-health) is an abbreviation for mobile health, a term used for the practice of medicine and public health supported
More informationTeradata and Protegrity High-Value Protection for High-Value Data
Teradata and Protegrity High-Value Protection for High-Value Data 12.16 EB7178 DATA SECURITY Table of Contents 2 Data Centric Security: Providing High-Value Protection for High-Value Data 3 Visibility:
More informationHow to Build a Culture of Security
How to Build a Culture of Security March 2016 Table of Contents You are the target... 3 Social Engineering & Phishing and Spear-Phishing... 4 Browsing the Internet & Social Networking... 5 Bringing Your
More informationCyber Security. February 13, 2018 (webinar) February 15, 2018 (in-person)
Cyber Security Presenters: - Brian Everest, Chief Technology Officer, Starport Managed Services - Susan Pawelek, Accountant, Compliance and Registrant Regulation February 13, 2018 (webinar) February 15,
More informationIT & DATA SECURITY BREACH PREVENTION
IT & DATA SECURITY BREACH PREVENTION A PRACTICAL GUIDE Part 1: Reducing Employee and Application Risks CONTENTS EMPLOYEES: IT security hygiene best practice APPLICATIONS: Make patching a priority AS CORPORATE
More informationSecuring Privileged Access and the SWIFT Customer Security Controls Framework (CSCF)
Securing Privileged Access and the SWIFT Customer Security Controls Framework (CSCF) A Guide to Leveraging Privileged Account Security to Assist with SWIFT CSCF Compliance Table of Contents Executive Summary...
More informationProduct Overview Version 1.0. May 2018 Silent Circle Silent Circle. All Rights Reserved
Product Overview Version 1.0 May 2018 Silent Circle The Problem Today s world is mobile. Employees use personal and company owned devices smartphones, laptops, tablets to access corporate data. Businesses
More informationISO COMPLIANCE GUIDE. How Rapid7 Can Help You Achieve Compliance with ISO 27002
ISO 27002 COMPLIANCE GUIDE How Rapid7 Can Help You Achieve Compliance with ISO 27002 A CONTENTS Introduction 2 Detailed Controls Mapping 3 About Rapid7 8 rapid7.com ISO 27002 Compliance Guide 1 INTRODUCTION
More informationIT-Security Challenges in the Internet of Things. Christian Graffer Product Manager Endian
IT-Security Challenges in the Internet of Things Christian Graffer Product Manager Endian Who is Endian? Founded in 2003 at Bolzano, Italy, by a team of experienced network specialists and Linux enthusiasts
More informationAngelo Gentili Head of Business Development, EMEA Region, PartnerNET
Angelo Gentili Head of Business Development, EMEA Region, PartnerNET The Innovation Solution in the Business Security Field. PartnerNet introduces Seqrite Welcome To Dynamic. Scalable. Future-Ready. Why
More informationThe Internet of Things. Steven M. Bellovin November 24,
The Internet of Things Steven M. Bellovin November 24, 2014 1 What is the Internet of Things? Non-computing devices...... with CPUs... and connectivity (Without connectivity, it s a simple embedded system)
More informationWelcome. Password Management & Public Wi-Fi Security. Hosted by: Content by:
Welcome Password Management & Public Wi-Fi Security Hosted by: Content by: Presenter: Ray Cool, CEO PBSI Technology Solutions Webinar will begin at 1:00 Welcome Foster & Motley Clients to Security Education
More informationKeep the Door Open for Users and Closed to Hackers
Keep the Door Open for Users and Closed to Hackers A Shift in Criminal Your Web site serves as the front door to your enterprise for many customers, but it has also become a back door for fraudsters. According
More informationSecuring Your Most Sensitive Data
Software-Defined Access Securing Your Most Sensitive Data Company Overview Digital Growth Means Digital Threats Digital technologies offer organizations unprecedented opportunities to innovate their way
More informationManaging IT Risk: What Now and What to Look For. Presented By Tina Bode IT Assurance Services
Managing IT Risk: What Now and What to Look For Presented By Tina Bode IT Assurance Services Agenda 1 2 WHAT TOP TEN IT SECURITY RISKS YOU CAN DO 3 QUESTIONS 2 IT S ALL CONNECTED Introduction All of our
More informationSecuring the SMB Cloud Generation
Securing the SMB Cloud Generation Intelligent Protection Against the New Generation of Threats Colin Brackman, National Distribution Manager, Consumer Sales, Symantec Christopher Covert Principal Product
More informationKeys to a more secure data environment
Keys to a more secure data environment A holistic approach to data infrastructure security The current fraud and regulatory landscape makes it clear that every firm needs a comprehensive strategy for protecting
More informationFrequently Asked Questions WPA2 Vulnerability (KRACK)
Frequently Asked Questions WPA2 Vulnerability (KRACK) Release Date: October 20, 2017 Document version: 1.0 What is the issue? A research paper disclosed serious vulnerabilities in the WPA and WPA2 key
More informationTroubleshooting and Cyber Protection Josh Wheeler
May 4, 2016 Troubleshooting and Cyber Protection Josh Wheeler Network Security Network Security Risks Video Network Security Risks Article Network Security Risks Data stealing or disruption of network
More informationSmart Cities Real Opportunity or Marketing Hype? Aaron Hesse, PE, RCDD Infrastructure Engineer Avista Utilities
Smart Cities Real Opportunity or Marketing Hype? Aaron Hesse, PE, RCDD Infrastructure Engineer Avista Utilities Driving Forces The Smart City Concept Components of a Smart City Smart City Infrastructure
More informationMOBILE SECURITY 2017 SPOTLIGHT REPORT. Information Security PRESENTED BY. Group Partner
MOBILE SECURITY 2017 SPOTLIGHT REPORT Group Partner Information Security PRESENTED BY OVERVIEW Security and privacy risks are on the rise with the proliferation of mobile devices and their increasing use
More informationSECURITY ON PUBLIC WI-FI New Zealand. A guide to help you stay safe online while using public Wi-Fi
SECURITY ON PUBLIC WI-FI New Zealand A guide to help you stay safe online while using public Wi-Fi WHAT S YOUR WI-FI PASSWORD? Enter password for the COFFEE_TIME Wi-Fi network An all too common question
More informationMake security part of your client systems refresh
Make security part of your client systems refresh Safeguard your information with Dell Data Security Solutions while boosting productivity and reducing costs Your organization might have many reasons for
More informationEthical Hacking and Countermeasures: Secure Network Operating Systems and Infrastructures, Second Edition
Ethical Hacking and Countermeasures: Secure Network Operating Systems and Infrastructures, Second Edition Chapter 7 Hacking Mobile Phones, PDAs, and Handheld Devices Objectives After completing this chapter,
More information5 Trends That Will Impact Your IT Planning in Layered Security. Executive Brief
5 Trends That Will Impact Your IT Planning in 2012 Layered Security Executive Brief a QuinStreet Excutive Brief. 2011 Layered Security Many of the IT trends that your organization will tackle in 2012 aren
More informationJoe Stocker, CISSP, MCITP, VTSP Patriot Consulting
Joe Stocker, CISSP, MCITP, VTSP Patriot Consulting Microsoft Cloud Evangelist at Patriot Consulting Principal Systems Architect with 17 Years of experience Technical certifications: MCSE, MCITP Office
More informationTHE IMPACT OF MOBILE DEVICES ON INFORMATION SECURITY:
June 2013 Sponsored by Introduction Mobile devices cause ongoing concern for IT teams responsible for information security. Sensitive corporate information can be easily transported and lost, while the
More informationWayward Wi-Fi. How Rogue Hotspots Can Hijack Your Data and Put Your Mobile Devices at Risk
Wayward Wi-Fi How Rogue Hotspots Can Hijack Your Data and Put Your Mobile Devices at Risk 288 MILLION There are more than 288 million unique Wi-Fi networks worldwide. Source: Wireless Geographic Logging
More informationSecuring the future of mobility
Kaspersky Transportation System Security AVL Software and Functions Securing the future of mobility www.kaspersky.com #truecybersecurity Securing the future of mobility Connected car benefits The need
More informationCybersecurity with Automated Certificate and Password Management for Surveillance
Cybersecurity with Automated Certificate and Password Management for Surveillance October 2017 ABSTRACT This reference architecture guide describes the reference architecture of a validated solution to
More informationMotorola AirDefense Retail Solutions Wireless Security Solutions For Retail
Motorola AirDefense Retail Solutions Wireless Security Solutions For Retail Wireless Risks in Retail The PCI Security Standards Council is an open global forum, founded by American Express, Discover Financial
More informationSECURE DATA EXCHANGE
POLICY-DRIVEN SOLUTIONS FOR SECURE DATA EXCHANGE Sending and receiving data is a fundamental part of daily business for nearly every organization. Companies need to share financial transaction details,
More informationHP Security Solutions for business PCs. Comprehensive protection measures so you can work smarter and with greater confidence.
HP Security Solutions for business PCs Comprehensive protection measures so you can work smarter and with greater confidence. Companies lose millions of dollars every year due to inadequate security. Informally-run
More informationMobile Security Fall 2013
Mobile Security 14-829 Fall 2013 Patrick Tague Class #6 More WiFi Security & Privacy Issues WiFi Security Issues A Scenario Internet Open AP SSID Network X Open OpenAP AP SSID Attacker Network X LaptopLaptop
More informationThe Top 6 WAF Essentials to Achieve Application Security Efficacy
The Top 6 WAF Essentials to Achieve Application Security Efficacy Introduction One of the biggest challenges IT and security leaders face today is reducing business risk while ensuring ease of use and
More informationWelcome. ScrogginsGrear clients. to Cybersecurity Education Series. Password Management & Public Wi-Fi Security
Welcome ScrogginsGrear clients to Cybersecurity Education Series Password Management & Public Wi-Fi Security Presenter: Ray Cool, CEO PBSI Technology Solutions Webinar will begin at 1:00 Welcome ScrogginsGrear
More informationYour wireless network
Your wireless network How to ensure you are meeting Government security standards Cabinet Office best practice Wi-Fi guidelines Overview Cyber Security is a hot topic but where do you start? The Cabinet
More informationAN IPSWITCH WHITEPAPER. The Definitive Guide to Secure FTP
AN IPSWITCH WHITEPAPER The Definitive Guide to Secure FTP The Importance of File Transfer Are you concerned with the security of file transfer processes in your company? According to a survey of IT pros
More informationWeb-Based Home Appliances Controlling System
Web-Based Home Appliances Controlling System B.E. EXTC, TSEC Aman Chadha Mahesh Dubey Siddhesh Shirodker 1 Agenda House monitoring using a live feed Advanced security system based on userauthentication
More informationInternet of Things Toolkit for Small and Medium Businesses
Your Guide #IoTatWork to IoT Security #IoTatWork Internet of Things Toolkit for Small and Medium Businesses Table of Contents Introduction 1 The Internet of Things (IoT) 2 Presence of IoT in Business Sectors
More informationComprehensive Data Center Energy Management Solutions
FROM INSIGHT TO EFFICIENCY: Comprehensive Data Center Energy Management Solutions Since 1995, facility managers and BAS professionals have relied on the Niagara framework to provide full convergence of
More informationVendor: CompTIA. Exam Code: Exam Name: CompTIA A+ Certification Exam (902) Version: Demo
Vendor: CompTIA Exam Code: 220-902 Exam Name: CompTIA A+ Certification Exam (902) Version: Demo DEMO QUESTION 1 Which of the following best practices is used to fix a zero-day vulnerability on Linux? A.
More informationChapter 5 Local Area Networks. Computer Concepts 2013
Chapter 5 Local Area Networks Computer Concepts 2013 5 Chapter Contents Section A: Network Building Blocks Section B: Wired and Wireless Technologies Section C: Network Setup Section D: Sharing Files Section
More information6 Vulnerabilities of the Retail Payment Ecosystem
6 Vulnerabilities of the Retail Payment Ecosystem FINANCIAL INSTITUTION PAYMENT GATEWAY DATABASES POINT OF SALE POINT OF INTERACTION SOFTWARE VENDOR Table of Contents 4 7 8 11 12 14 16 18 Intercepting
More informationKantanMT.com. Security & Infra-Structure Overview
KantanMT.com Security & Infra-Structure Overview Contents KantanMT Platform Security... 2 Customer Data Protection... 2 Application Security... 2 Physical and Environmental Security... 3 ecommerce Transactions...
More informationSMALL BUSINESS CYBERSECURITY SURVIVAL GUIDE
SMALL BUSINESS CYBERSECURITY SURVIVAL GUIDE Small business cybersecurity survival guide By Stephen Cobb, ESET Senior Security Researcher Computers and the internet bring many benefits to small businesses,
More informationSecuring Today s Mobile Workforce
WHITE PAPER Securing Today s Mobile Workforce Secure and Manage Mobile Devices and Users with Total Defense Mobile Security Table of Contents Executive Summary..................................................................................
More informationSMART CAMPUS, BUILDING AND VENUES
SMART CAMPUS, BUILDING AND VENUES Greg Deffenbaugh, Corporate Solutions Technologist SDS & Hospitality SDN Solutions and Strategy, Avaya @gregdeff gregdeff 1 Thank you Sponsors! Global Sponsors Gold Sponsors
More informationSecurity-as-a-Service: The Future of Security Management
Security-as-a-Service: The Future of Security Management EVERY SINGLE ATTACK THAT AN ORGANISATION EXPERIENCES IS EITHER ON AN ENDPOINT OR HEADING THERE 65% of CEOs say their risk management approach is
More informationWireless Attacks and Countermeasures
Wireless Attacks and Countermeasures Wireless Network Technology Wireless network refers to any type of computer network which is wireless, and is commonly associated with a network whose interconnections
More informationChapter 11: It s a Network. Introduction to Networking
Chapter 11: It s a Network Introduction to Networking Small Network Topologies Typical Small Network Topology IT Essentials v5.0 2 Device Selection for a Small Network Factors to be considered when selecting
More informationPCI Compliance. What is it? Who uses it? Why is it important?
PCI Compliance What is it? Who uses it? Why is it important? Definitions: PCI- Payment Card Industry DSS-Data Security Standard Merchants Anyone who takes a credit card payment 3 rd party processors companies
More informationZimperium Global Threat Data
Zimperium Global Threat Report Q2-2017 700 CVEs per Year for Mobile OS 500 300 100 07 08 09 10 11 12 13 14 15 16 17 Outdated ios Outdated ANDROID 1 of 4 Devices Introduces Unnecessary Risk 1 out of 50
More information10 Hidden IT Risks That Might Threaten Your Business
(Plus 1 Fast Way to Find Them) Your business depends on intelligence. But can you count on your technology? You may not be in the intelligence technology business, but it s probably impossible to imagine
More informationHow Cyber-Criminals Steal and Profit from your Data
How Cyber-Criminals Steal and Profit from your Data Presented by: Nick Podhradsky, SVP Operations SBS CyberSecurity www.sbscyber.com Consulting Network Security IT Audit Education 1 Agenda Why cybersecurity
More informationD. The bank s web server is using an X.509 certificate that is not signed by a root CA, causing the user ID and password to be sent unencrypted.
Volume: 119 Questions Question No: 1 John Smith uses a coffee shop's Internet hot-spot (no authentication or encryption) to transfer funds between his checking and savings accounts at his bank's website.
More informationThe SANS Institute Top 20 Critical Security Controls. Compliance Guide
The SANS Institute Top 20 Critical Security Controls Compliance Guide February 2014 The Need for a Risk-Based Approach A common factor across many recent security breaches is that the targeted enterprise
More informationGetting over Ransomware - Plan your Strategy for more Advanced Threats
Getting over Ransomware - Plan your Strategy for more Advanced Threats Kaspersky Lab Hong Kong Eric Kwok General Manager Lapcom Ltd. BEYOND ANTI-VIRUS: TRUE CYBERSECURITY FROM KASPERSKY LAB 20 years ago
More informationSecuring Wireless Mobile Devices. Lamaris Davis. East Carolina University 11/15/2013
Securing Wireless Mobile Devices Lamaris Davis East Carolina University 11/15/2013 Attract As more employees prefer to use mobile devices in the workplace, organizations are starting to adopt the Bring
More informationtelensa.com @Telensa Telensa is the only firm monetizing multiple IoT applications including smart lighting and smart parking. We deliver ultra-scalable, private network solutions through Ultra Narrow
More information1 Copyright 2011, Oracle and/or its affiliates. All rights reserved. Insert Information Protection Policy Classification from Slide 7
1 Copyright 2011, Oracle and/or its affiliates. All rights reserved. Insert Information Protection Policy Classification from Slide 7 ORACLE PRODUCT LOGO 20. oktober 2011 Hotel Europa Sarajevo Platform
More informationYanzi IoT for Smart Buildings From Sensor to Cloud. Marie Lassborn, VP Cloud Operations Jfokus 2018
Yanzi IoT for Smart Buildings From Sensor to Cloud Marie Lassborn, VP Cloud Operations Jfokus 2018 1 WHAT IS YANZI? Analytics Conversions Storage Cloud Visualizations An IoT Solution for Smart Office Headquarter
More informationTHE NEW LANDSCAPE OF AIRBORNE CYBERATTACKS
SESSION ID: MBS-W04 THE NEW LANDSCAPE OF AIRBORNE CYBERATTACKS Nadir Izrael CTO & Co-Founder Armis, Inc. Ben Seri Head of Research Armis, Inc. Placeholder Slide: Image of spread of infection Placeholder
More informationThe Future of Network Infrastructure & Management
WHITE PAPER The Future of Network Infrastructure & Management Software-defined networks, cloud management and LTE offer the ability to adapt a network to the changing workforce. Future Look: New Way to
More informationChapter 24 Wireless Network Security
Chapter 24 Wireless Network Security Wireless Security Key factors contributing to higher security risk of wireless networks compared to wired networks include: o Channel Wireless networking typically
More informationTransforming your network for the digital economy
Transforming your network for the digital economy Ricky Chau, Vice President, Enterprise, CenturyLink Asia Pacific 15/11/2018 Services not available everywhere. 2 We re in an Era of Digital Transformation
More informationThread in Commercial Backgrounder
Thread in Commercial Backgrounder September 2018 An introduction to Thread, its Network Topology and Application Support 1 What is Thread Thread is an open standard for wireless communication providing
More informationIBM Cloud Internet Services: Optimizing security to protect your web applications
WHITE PAPER IBM Cloud Internet Services: Optimizing security to protect your web applications Secure Internet applications and APIs against denialof-service attacks, customer data compromise, and abusive
More informationTrends in Cybersecurity in the Water Industry A Strategic Approach to Mitigate Control System Risk
Trends in Cybersecurity in the Water Industry A Strategic Approach to Mitigate Control System Risk Standards Certification Education & Training Publishing Conferences & Exhibits Steve Liebrecht W/WW Industry
More informationComplying with RBI Guidelines for Wi-Fi Vulnerabilities
A Whitepaper by AirTight Networks, Inc. 339 N. Bernardo Avenue, Mountain View, CA 94043 www.airtightnetworks.com 2013 AirTight Networks, Inc. All rights reserved. Reserve Bank of India (RBI) guidelines
More informationAKAMAI CLOUD SECURITY SOLUTIONS
AKAMAI CLOUD SECURITY SOLUTIONS Whether you sell to customers over the web, operate data centers around the world or in the cloud, or support employees on the road, you rely on the Internet to keep your
More informationSecure Network Design Document
Secure Network Design Document May 3, 2007 Authored by: Steven Puzio TABLE OF CONTENTS I. Overview... 3 II. Company Information... 5 III. Wiring Closet Cabling and Design... 6 IV. Network Electronics Selection...
More informationCYBERSECURITY RISK LOWERING CHECKLIST
CYBERSECURITY RISK LOWERING CHECKLIST The risks from cybersecurity attacks, whether external or internal, continue to grow. Leaders must make thoughtful and informed decisions as to the level of risk they
More informationThe Quick-Start Guide to Print Security. How to maximize your print environment and minimize security threats
The Quick-Start Guide to Print Security How to maximize your print environment and minimize security threats 2 The Hidden Security Threat What s the first thing that comes to mind when you hear the words
More informationCloud-Based Data Security
White Paper Cloud-Based Data Security SaaS-built Galileo collects and analyzes customized performance data efficiently, on-demand, via a secure Internet connection. About Galileo Created by the ATS Group,
More informationNetworking. Prof. Abdul Hameed
Networking Prof. Abdul Hameed http://informationtechnology.pk http://informationtechnology.pk 0 Chapter Topics Networking Fundamentals Network Architectures and Components Connecting to the Internet Installing
More informationSECURITY & PRIVACY DOCUMENTATION
Okta s Commitment to Security & Privacy SECURITY & PRIVACY DOCUMENTATION (last updated September 15, 2017) Okta is committed to achieving and preserving the trust of our customers, by providing a comprehensive
More informationCOMPUTER SKILLS COMP101
COMPUTER SKILLS COMP101 Chapter 4 Introduction to Computer Networks Definitions and Terminologies Computer Network A network consists of two or more computers that are linked in order to share resources
More informationUnderstanding Persistent Connectivity: How IoT and Data Will Impact the Connected Data Center
Understanding Persistent Connectivity: How IoT and Data Will Impact the Connected Data Center Speaker: Bill Kleyman, EVP of Digital Solutions - Switch AFCOM and Informa Writer/Contributor (@QuadStack)
More informationWhitepaper on AuthShield Two Factor Authentication with SAP
Whitepaper on AuthShield Two Factor Authentication with SAP By AuthShield Labs Pvt. Ltd Table of Contents Table of Contents...2 1.Overview...4 2. Threats to account passwords...5 2.1 Social Engineering
More informationExposing The Misuse of The Foundation of Online Security
Exposing The Misuse of The Foundation of Online Security HLA ID: 90FZSBZFZSB 56BVCXVBVCK 23YSLUSYSLI 01GATCAGATC Cyber space is very similar to organic realm Keys & certificates are like HLA tags But,
More informationNRENs and IoT Security: Challenges and Opportunities. Karen O Donoghue TICAL 2018 Cartagena 4 September 2018
NRENs and IoT Security: Challenges and Opportunities Karen O Donoghue TICAL 2018 Cartagena 4 September 2018 The number of IoT devices and systems connected to the Internet will be more than 5x the global
More informationNETWORKING &SECURITY SOLUTIONSPORTFOLIO
NETWORKING &SECURITY SOLUTIONSPORTFOLIO NETWORKING &SECURITY SOLUTIONSPORTFOLIO Acomprehensivesolutionsportfoliotohelpyougetyourbusiness securelyconnected.clickononeofoursolutionstoknowmore NETWORKING
More informationMobile Security / Mobile Payments
Mobile Security / Mobile Payments Leslie K. Lambert CISSP, CISM, CISA, CRISC, CIPP/US, CIPP/G VP, Chief Information Security Officer Juniper Networks Professional Techniques - Session T23 MOBILE SECURITY
More informationPersonal Cybersecurity
Personal Cybersecurity The Basic Principles Jeremiah School, CEO How big is the issue? 9 8 7 6 5 4 3 2 1 Estimated global damages in 2018 0 2016 2018 2020 2022 2024 2026 2028 2030 Internet Users Billions
More information10 KEY WAYS THE FINANCIAL SERVICES INDUSTRY CAN COMBAT CYBER THREATS
10 KEY WAYS THE FINANCIAL SERVICES INDUSTRY CAN COMBAT CYBER THREATS WHITE PAPER INTRODUCTION BANKS ARE A COMMON TARGET FOR CYBER CRIMINALS AND OVER THE LAST YEAR, FIREEYE HAS BEEN HELPING CUSTOMERS RESPOND
More informationSecuring Health Data in a BYOD World
Business White Paper Securing Health Data in a BYOD World Five strategies to minimize risk Page 2 of 9 Securing Health Data in a BYOD World Table of Contents Page 2 Introduction Page 3 BYOD Adoption Drivers
More informationSecurity+ Guide to Network Security Fundamentals, Fourth Edition. Chapter 1 Introduction to Security
Security+ Guide to Network Security Fundamentals, Fourth Edition Chapter 1 Introduction to Security Objectives Describe the challenges of securing information Define information security and explain why
More information