Perspectives on Cybersecurity
|
|
- Louisa Walters
- 5 years ago
- Views:
Transcription
1 Perspectives on Cybersecurity Beau Woods Cyber Safety Innovation Fellow, Atlantic Council Leader, I Am The Cavalry (.org) 2019 Winter Conference February 2, 2019
2 What s at stake
3 Mirai took out large parts of the Internet
4 Mirai took out large parts of the Internet Ukrainian grid black out by hacking
5 Mirai took out large parts of the Internet Ukrainian grid black out by hacking WannaCry shutters 30% of UK NHS
6 Mirai took out large parts of the Internet Ukrainian grid black out by hacking WannaCry shutters 30% of UK NHS NotPetya disrupts global logistics & manufacturing, including vaccines
7 Are you vulnerable?
8 Vulnerabilities reported to NIST per year
9 Software Complexity Modern Car Facebook Windows Vista Hadron Collider Boeing 787 Android Google Chrome Linux Kernel Mars Curiosity Hubble Telescope F-22 Raptor Space Shuttle Millions of Lines of Software Code
10 Supply Chain Vulnerabilities Millions of Lines of Software Code
11 Is this how hacks work? Highly Skilled Hacker Days Best Defenses Known/Available
12 OPM DNC Mirai WannaCry NotPetya Equifax Known but Unmitigated Vulnerabilities Known but Unmitigated Vulnerabilities Known but Unmitigated Vulnerabilities Known but Unmitigated Vulnerabilities Known but Unmitigated Vulnerabilities Known but Unmitigated Vulnerabilities
13 Forecasted Global Cybersecurity Spending, : $ 1 TrillionI Am The
14 ONE HUNDRED PERCENT of FORTUNE companies will be hacked over the same time period I Am The
15 In 2018, Apple became the world s first $1 Trillion company.
16 In 2019, Apple will spend around $1 Billion on security.
17 Last week, a 14-year old reported a major security flaw in Apple s products.
18 Are you vulnerable?
19 Know your hackers
20 Capabilities Nation State IR RU US UK FR IL NK SK CN AU Increasingly Willing Exploit Dev Coders Criminals DDoS Blackhat SEO Professional Operators Social Bots Hosting Ransomware Botnets Accident Increasingly Hard to Distinguish 5kr1p7 K1dd13 Willingness Increasingly capable Hacktivists Terrorists Ideological
21 I Am The Cavalry Five Motivations of Security Researchers Protect Puzzle Pride/Prestige Profit/Payment Protest/Patriot
22 Jay Radcliffe Security researcher Diabetic patient Father of diabetic patient Protect
23 Vulnerability Research, Disclosure, and Law
24 Launched January 29
25
26 DMCA Rules Intended to fight counterfeiting of DVDs Makes illegal circumvention of a technical protection mechanism (TPM) to access copyrighted works CFAA is the primary tool to prosecute cybercrimes
27 DMCA Exemptions Solely for good-faith security research On a lawfully acquired device With the authorization of the owner Conducted in an environment designed to avoid any harm to individuals or the public US DOJ in favor of exemptions: the DMCA was not created to protect [voting machines], and is ill-suited to do so.
28 Supply Chain Risk
29 Supply Chain Risk Vectors Supplier facilitated risk Implementation, operation, and maintenance Counterfeit Unverified components Malicious Taint Subverted components or systems Unintended Taint Known software vulnerabilities
30
31
32 Transparency & Awareness
33 Procurement Guidance
34 Perspectives on Cybersecurity Beau Woods Cyber Safety Innovation Fellow, Atlantic Council Leader, I Am The Cavalry (.org) 2019 Winter Conference February 2, 2019
35 Appendix
36 Coordinated Vulnerability Disclosure US Department of Commerce, NTIA Template ISO/IEC Standard for Vulnerability Disclosure ISO/IEC Standard for Vulnerability Handling Processes National Governor s Association US Department of Justice It Takes a Village Comic (Atlantic Council and HackerOne)
37 BSides Events Tracker Hackers: the Internet s immune system (TED Talk, Keren Elazari Can hackers break my heart (TEDx Talk, Marie Moe)
38
39
40 Countermeasures Situational Awareness Endpoint Security Active Defense Intrusion Prevention Anti-Everything Penetration Testing Threat Intelligence Security Monitoring Threat Hunting Operational Excellence Coordinated Vulnerability Disclosure DevSecOps Visible Ops Vulnerability Management Change Management Egress Filtering Network Admission Control Defensible Infrastructure Secure by Design Secure Baseline Configurations Secure Deployment Guidance Operating System and Software Support Lifetimes Software Updateable Software Ingredients or Components List Evidence Capture and Logging
41 Countermeasures Situational Awareness Operational Excellence Defensible Infrastructure $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $
42 Countermeasures Situational Awareness Operational Excellence Defensible Infrastructure $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $
43 Code of Practice for IoT Security 1. No default passwords 2. Coordinated vulnerability disclosure policy 3. Keep devices updated
Security Standardization and Regulation An Industry Perspective
Security Standardization and Regulation An Industry Perspective Dr. Ralf Rammig Siemens AG Megatrends Challenges that are transforming our world Digitalization In the future, we ll be living in a world
More informationCybersecurity and Hospitals: A Board Perspective
Cybersecurity and Hospitals: A Board Perspective Cybersecurity is an important issue for both the public and private sector. At a time when so many of our activities depend on information systems and technology,
More informationLegal Foundation and Enforcement: Promoting Cybersecurity
Legal Foundation and Enforcement: Promoting Cybersecurity Regional Workshop on Frameworks for Cybersecurity and Critical Information Infrastructure Protection February 19, 2008 Mark L. Krotoski Computer
More informationCYBER SECURITY AND MITIGATING RISKS
CYBER SECURITY AND MITIGATING RISKS 01 WHO Tom Stewart Associate Director Technology Consulting Chicago Technical Security Leader Protiviti Slides PRESENTATION AGENDA 3 START HACKING DEFINITION BRIEF HISTORY
More informationTHE ACCENTURE CYBER DEFENSE SOLUTION
THE ACCENTURE CYBER DEFENSE SOLUTION A MANAGED SERVICE FOR CYBER DEFENSE FROM ACCENTURE AND SPLUNK. YOUR CURRENT APPROACHES TO CYBER DEFENSE COULD BE PUTTING YOU AT RISK Cyber-attacks are increasingly
More informationSystemic Cyber Risk and Cyber Insurance. February 14, 2018
Systemic Cyber Risk and Cyber Insurance February 14, 2018 Questions 1. How big is the problem? 2. Have recent massive attacks affected the industry? 3. Where is the market headed? 4. How will government
More informationProtecting Buildings Operational Technology (OT) from Evolving Cyber Threats & Vulnerabilities
Cybersecurity Basics For Energy Managers Protecting Buildings Operational Technology (OT) from Evolving Cyber Threats & Vulnerabilities Michael Mylrea Manager, Cybersecurity & Energy Technology Pacific
More informationCombating Cyber Risk in the Supply Chain
SESSION ID: CIN-W10 Combating Cyber Risk in the Supply Chain Ashok Sankar Senior Director Cyber Strategy Raytheon Websense @ashoksankar Introduction The velocity of data breaches is accelerating at an
More informationStatement for the Record
Statement for the Record of Seán P. McGurk Director, Control Systems Security Program National Cyber Security Division National Protection and Programs Directorate Department of Homeland Security Before
More informationMANAGING CYBER RISKS ACROSS THE SOFTWARE SUPPLY CHAIN
MANAGING CYBER RISKS ACROSS THE SOFTWARE SUPPLY CHAIN Managing Cyber Risks Across the Software Supply Chain The widespread deployment of advanced data communications technologies is a vital factor in today
More informationEthical Hacking and Countermeasures: Attack Phases, Second Edition. Chapter 1 Introduction to Ethical Hacking
Ethical Hacking and Countermeasures: Attack Phases, Second Edition Chapter 1 Introduction to Ethical Hacking Objectives After completing this chapter, you should be able to: Understand the importance of
More informationUnderstanding the Changing Cybersecurity Problem
Understanding the Changing Cybersecurity Problem Keith Price BBus, MSc, CGEIT, CISM, CISSP Founder & Principal Consultant 1 About About me - Specialise in information security strategy, architecture, and
More informationMachine-Powered Learning for People-Centered Security
White paper Machine-Powered Learning for People-Centered Security Protecting Email with the Proofpoint Stateful Composite Scoring Service www.proofpoint.com INTRODUCTION: OUTGUNNED AND OVERWHELMED Today
More informationExpand Your Cyber Expertise. Secure Your Future.
Expand Your Cyber Expertise. Secure Your Future. CSX 2018 Europe will help you stay on top of the latest cybersecurity trends, further your cyber career, and make new connections with professionals around
More informationSoftware & Supply Chain Assurance: Enabling Enterprise Resilience through Security Automation, Software Assurance and Supply Chain Risk Management
Software & Supply Chain Assurance: Enabling Enterprise Resilience through Security Automation, Software Assurance and Supply Chain Risk Management Joe Jarzombek, PMP, CSSLP Director for Software & Supply
More informationCracking the code on an IT career
Cracking the code on an IT career Jade Khoo Patrick Hosseini & Laura Deans James Hamlyn-Harris CRICOS 00111D, TOID 3069 Snapshot of stories that made news 2 Hacks that leave you exposed The Australian
More informationWORKSHOP CYBER SECURITY AND CYBERCRIME POLICIES FOR AFRICAN DIPLOMATS. Okechukwu Emmanuel Ibe
WORKSHOP CYBER SECURITY AND CYBERCRIME POLICIES FOR AFRICAN DIPLOMATS Okechukwu Emmanuel Ibe INTRODUCTION The Intelligence and Security Committee (ISC) is a Unit in the Office of the Chairperson of the
More informationThe Cyber Threat. Bob Gourley, Partner, Cognitio June 22, How we think. 1
The Cyber Threat Bob Gourley, Partner, Cognitio June 22, 2016 How we think. 1 About This Presentation Based on decades of experience in cyber conflict Including cyber defense, cyber intelligence, cyber
More informationEliminating the Blind Spot: Rapidly Detect and Respond to the Advanced and Evasive Threat
WHITE PAPER Eliminating the Blind Spot: Rapidly Detect and Respond to the Advanced and Evasive Threat Executive Summary Unfortunately, it s a foregone conclusion that no organisation is 100 percent safe
More informationCyber Security: It s all about TRUST
www.pwc.com/vn Cyber Security: It s all about TRUST 29 th March 2017 Robert Tran Cybersecurity leader, Vietnam Content s Digital IQ Survey 1 Current state of Cybersecurity in Vietnam 2 2 Our global team
More informationMeasuring and Evaluating Cyber Risk in ICS Components, Products and Systems
Measuring and Evaluating Cyber Risk in ICS Components, Products and Systems Copyright 2018 UL LLC. All rights reserved. No portion of this material may be reprinted in any form without the express written
More informationCybersecurity, safety and resilience - Airline perspective
Arab Civil Aviation Commission - ACAC/ICAO MID GNSS Workshop Cybersecurity, safety and resilience - Airline perspective Rabat, November, 2017 Presented by Adlen LOUKIL, Ph.D CEO, Resys-consultants Advisory,
More informationSecuring Digital Transformation
September 4, 2017 Securing Digital Transformation DXC Security Andreas Wuchner, CTO Security Innovation Risk surface is evolving and increasingly complex The adversary is highly innovative and sophisticated
More informationThailand Initiatives and Challenges in Cyber Terrorism
Thailand Initiatives and Challenges in Cyber Terrorism Agenda Cyber-Terrorism weapons & tactics MICT Cyber Inspector Group IT Laws Development Challenges Cyber-Terrorism weapons & tactics What is Cyber-Terrorism?
More informationThe National Medical Device Information Sharing & Analysis Organization (MD-ISAO) Initiative Session 2, February 19, 2017 Moderator: Suzanne
The National Medical Device Information Sharing & Analysis Organization (MD-ISAO) Initiative Session 2, February 19, 2017 Moderator: Suzanne Schwartz, Assoc. Dir., CDRH, FDA Denise Anderson, MBA, President,
More informationDesignated Cyber Security Protection Solution for Medical Devices
Designated Cyber Security Protection Solution for Medical s The Challenge Types of Cyber Attacks Against In recent years, cyber threats have become Medical s increasingly sophisticated in terms of attack
More informationKeys to a more secure data environment
Keys to a more secure data environment A holistic approach to data infrastructure security The current fraud and regulatory landscape makes it clear that every firm needs a comprehensive strategy for protecting
More informationCyber Threat Landscape April 2013
www.pwc.co.uk Cyber Threat Landscape April 2013 Cyber Threats: Influences of the global business ecosystem Economic Industry/ Competitors Technology-led innovation has enabled business models to evolve
More informationEFFECTIVELY TARGETING ADVANCED THREATS. Terry Sangha Sales Engineer at Trustwave
EFFECTIVELY TARGETING ADVANCED THREATS Terry Sangha Sales Engineer at Trustwave THE CHALLENGE PROTECTING YOUR ENVIRONMENT IS NOT GETTING EASIER ENDPOINT POINT OF SALE MOBILE VULNERABILITY MANAGEMENT CYBER
More informationCybersecurity Auditing in an Unsecure World
About This Course Cybersecurity Auditing in an Unsecure World Course Description $5.4 million that s the average cost of a data breach to a U.S.-based company. It s no surprise, then, that cybersecurity
More informationCyber Risk and Networked Medical Devices
Cyber Risk and Networked Medical Devices Hot Topics Deloitte & Touche LLP February 2016 Copyright Scottsdale Institute 2016. All Rights Reserved. No part of this document may be reproduced or shared with
More informationHacker Academy UK. Black Suits, White Hats!
Hacker Academy UK Black Suits, White Hats! Cyber Security Training and Services Do your devices Protect you against Cyber-attacks? Chinese hackers have allegedly stolen 50 terabytes of data on F-35 aircraft,
More informationTHE BUSINESS CASE FOR OUTSIDE-IN DATA CENTER SECURITY
THE BUSINESS CASE FOR OUTSIDE-IN DATA CENTER SECURITY DATA CENTER WEB APPS NEED MORE THAN IP-BASED DEFENSES AND NEXT-GENERATION FIREWALLS table of contents.... 2.... 4.... 5 A TechTarget White Paper Does
More informationMeasuring Cyber Risk Understanding the Right Data Sources. Sponsored By:
Measuring Cyber Risk Understanding the Right Data Sources Sponsored By: Measuring Cyber Risk Understanding the Right Data Sources Visit www.advisenltd.com at the end of this webinar to download: Copy of
More informationCyber Defense Operations Center
Cyber Defense Operations Center Providing world-class security protection, detection, and response Marek Jedrzejewicz Principal Security Engineering Manager Microsoft Corporation 1 Cybersecurity. In the
More informationSecurity in a Converging IT/OT World
Security in a Converging IT/OT World Introduction Around the winter solstice, darkness comes early to the citizens of Ukraine. On December 23, 2015, it came a little earlier than normal. In mid-afternoon,
More informationReal estate predictions 2017 What changes lie ahead?
Real estate predictions 2017 What changes lie ahead? Cyber Risk 2017. For information, contact Deloitte Consultores, S.A. Real Estate Predictions 2017 2 Cyber Risk Rising cyber risk in real estate through
More informationForging a Stronger Approach for the Cybersecurity Challenge. Session 34, February 12, 2019 Tom Stafford, VP & CIO, Halifax Health
Forging a Stronger Approach for the Cybersecurity Challenge Session 34, February 12, 2019 Tom Stafford, VP & CIO, Halifax Health 1 Speaker Introduction Tom Stafford, Vice President & CIO Education: Bachelors
More informationTackling Cybersecurity with Data Analytics. Identifying and combatting cyber fraud
Tackling Cybersecurity with Data Analytics Identifying and combatting cyber fraud San Antonio IIA iheartaudit Conference February 24, 2017 What We ll Cover + Current threat landscape + Common security
More informationManaging Supply Chain Risks for SCADA Systems
Managing Supply Chain Risks for SCADA Systems Nadya Bartol, Vice President of Industry Affairs and Cybersecurity Strategist, UTC Nadya.bartol@utc.org 2014 Utilities Telecom Council Agenda Problem Definition
More informationCyber-Threats and Countermeasures in Financial Sector
Michael Mavroforakis, PhD Group CISO & CDO SEV: Workshop on Digital Enablers (Cloud & Cybersecurity) 27th March 2018 Agenda: CYBERSECURITY Potential Targets Attack Examples Insider vs Outsider Threats
More informationGujarat Forensic Sciences University
Gujarat Forensic Sciences University Knowledge Wisdom Fulfilment Cyber Security Consulting Services Secure Software Engineering Infrastructure Security Digital Forensics SDLC Assurance Review & Threat
More informationService. Sentry Cyber Security Gain protection against sophisticated and persistent security threats through our layered cyber defense solution
Service SM Sentry Cyber Security Gain protection against sophisticated and persistent security threats through our layered cyber defense solution Product Protecting sensitive data is critical to being
More informationNARRATOR: Welcome to the RSA Conference 2016 StoryCorps. podcasts. Please enjoy this discussion between fellow
StoryCorps @ RSAC Podcast Transcript Episode 1: I Might Die Because of a Software Bug JOSHUA CORMAN & MARIE MOE, APRIL 8, 2016 NARRATOR: Welcome to the RSA Conference 2016 StoryCorps podcasts. Please enjoy
More informationSecurity Takes Center Stage
Security Takes Center Stage Rajesh De Partner Chair, Global Cybersecurity & Data Privacy Practice +1 202 263 3366 rde@mayerbrown.com June 7, 2016 Cyber Attacks Are Increasing in Cost and Frequency Breaches
More informationEnhancing the Cybersecurity of Federal Information and Assets through CSIP
TECH BRIEF How BeyondTrust Helps Government Agencies Address Privileged Access Management to Improve Security Contents Introduction... 2 Achieving CSIP Objectives... 2 Steps to improve protection... 3
More informationCybersecurity in Government
Cybersecurity in Government Executive Development Course: Digital Government Ng Lup Houh, Principal Cybersecurity Specialist Cybersecurity Group 03 April 2018 Agenda Cyber Threats & Vulnerabilities Cyber
More informationThe emerging battle between Cyber Defense and Cybercrime: How Technology is changing to keep Company and HR data safe
The emerging battle between Cyber Defense and Cybercrime: How Technology is changing to keep Company and HR data safe Copyright 2017 Protocol 46, Inc. All Rights Reserved Copyright 2017 Protocol 46, Inc.
More informationInformation and Communication Technology (ICT) Supply Chain Security Emerging Solutions
Information and Communication Technology (ICT) Supply Chain Security Emerging Solutions Nadya Bartol, CISSP, CGEIT UTC Senior Cybersecurity Strategist Agenda Problem Definition Existing and Emerging Practices
More informationCybersecurity Today Avoid Becoming a News Headline
Cybersecurity Today 2017 Avoid Becoming a News Headline Topics Making News Notable Incidents Current State of Affairs Common Points of Failure Three Quick Wins How to Prepare for and Respond to Cybersecurity
More informationDigital Forensic Science: Ideas, Gaps and the Future. Dr. Joshua I. James
Digital Forensic Science: Ideas, Gaps and the Future Dr. Joshua I. James Joshua@cybercrimetech.com 2015-08-09 Overview Digital Forensic Science where are we now? Past Present Where are we going? Future
More informationCybersecurity. Overview. Define Cyber Security Importance of Cyber Security 2017 Cyber Trends Top 10 Cyber Security Controls
Cybersecurity Hospitality Finance and Technology Professionals June 27, 2017 Presented by: Harvey Johnson, CPA Partner Overview Define Cyber Security Importance of Cyber Security 2017 Cyber Trends 1 About
More informationAre Your Systems Vulnerable to Hacker Attacks? Achieving Success through Shared Experience
Are Your Systems Vulnerable to Hacker Attacks? Achieving Success through Shared Experience BC Ministry of Technology, Innovation and Citizens Services Information Security Branch Agenda The Red Team /
More informationInsider Threat Detection Including review of 2017 SolarWinds Federal Cybersecurity Survey
Insider Threat Detection Including review of 2017 SolarWinds Federal Cybersecurity Survey CyberMaryland Conference 2017 Bob Andersen, Sr. Manager Federal Sales Engineering robert.andersen@solarwinds.com
More informationITU Regional Cybersecurity Forum for Asia-Pacific
ITU Regional Cybersecurity Forum for Asia-Pacific Incident Management Capabilities Australia Country Case Study Graham Ingram General Manager AusCERT July 2008 Copyright 2008 AusCERT Not for further distribution
More informationIntroduction Privacy, Security and Risk Management. What Healthcare Organizations Need to Know
Introduction Privacy, Security and Risk Management What Healthcare Organizations Need to Know Agenda I. Privacy, Security and Confidentiality Definitions in a Healthcare Context Patient Privacy concerns
More informationCISSP CEH PKI SECURITY + CEHv9: Certified Ethical Hacker. Upcoming Dates. Course Description. Course Outline
CISSP CEH PKI SECURITY + CEHv9: Certified Ethical Hacker Learn to find security vulnerabilities before the bad guys do! The Certified Ethical Hacker (CEH) class immerses students in an interactive environment
More information10 FOCUS AREAS FOR BREACH PREVENTION
10 FOCUS AREAS FOR BREACH PREVENTION Keith Turpin Chief Information Security Officer Universal Weather and Aviation Why It Matters Loss of Personally Identifiable Information (PII) Loss of Intellectual
More informationStrengthening the Cybersecurity of Federal Networks and Critical Infrastructure
Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure Executive Order 13800 Update July 2017 In Brief On May 11, 2017, President Trump issued Executive Order 13800, Strengthening
More informationThe GenCyber Program. By Chris Ralph
The GenCyber Program By Chris Ralph The Mission of GenCyber Provide a cybersecurity camp experience for students and teachers at the K-12 level. The primary goal of the program is to increase interest
More informationAgenda. About TRL. What is the issue? Security Analysis. Consequences of a Cyber attack. Concluding remarks. Page 2
Security Insert the Vulnerabilities title of your of the presentation Connected here Car Presented Presented by by Peter Name Vermaat Here Principal Job Title ITS - Date Consultant 24/06/2015 Agenda 1
More informationPerspectives on Threat
Commerce Threats Perspectives on Threat Higher level approach Define and characterize the threat rather list the what if scenarios Where to find accurate information on information Part I: Business Traditional
More informationSTRENGTHENING THE CYBERSECURITY OF FEDERAL NETWORKS AND CRITICAL INFRASTRUCTURE
STRENGTHENING THE CYBERSECURITY OF FEDERAL NETWORKS AND CRITICAL INFRASTRUCTURE By the authority vested in me as President by the Constitution and the laws of the United States of America, it is hereby
More informationcs642 /introduction computer security adam everspaugh
cs642 computer security /introduction adam everspaugh ace@cs.wisc.edu definition Computer Security := understanding and improving the behavior of computing systems in the presence of adversaries adversaries
More informationPort Facility Cyber Security
International Port Security Program Port Facility Cyber Security Cyber Risk in the Marine Transportation System MAR'01 1 Objectives IDENTIFY motivations behind a cyber attack. IDENTIFY various types of
More informationCyber Security Incident Response Fighting Fire with Fire
Cyber Security Incident Response Fighting Fire with Fire Arun Perinkolam, Senior Manager Deloitte & Touche LLP Professional Techniques T21 CRISC CGEIT CISM CISA AGENDA Companies like yours What is the
More informationHACKER S DELIGHT DESTROYING THE SYSTEM ONLY MAKES IT STRONGER
HACKER S DELIGHT DESTROYING THE SYSTEM ONLY MAKES IT STRONGER OVERVIEW The meaning of hacking Types of hacking Methods of hacking Implications of hacking HACKING: AN INTRODUCTION A DEFINITION To tinker
More informationRansomware piercing the anti-virus bubble
CONNECT Ransomware piercing the anti-virus bubble Better prevention is needed to protect organizations from the growing threat landscape 2 The WannaCry ransomware attack that had such a widespread and
More informationIndustrial Control System Cyber Security
Industrial Control System Cyber Security Disaster Recovery Information Exchange Bruce Tyson June 28, 2017 Lunch and Learn Introduction Bruce Tyson is a certified engineering technologist (CET Telecommunications
More informationWayward Wi-Fi. How Rogue Hotspots Can Hijack Your Data and Put Your Mobile Devices at Risk
Wayward Wi-Fi How Rogue Hotspots Can Hijack Your Data and Put Your Mobile Devices at Risk 288 MILLION There are more than 288 million unique Wi-Fi networks worldwide. Source: Wireless Geographic Logging
More informationThe Value of Automated Penetration Testing White Paper
The Value of Automated Penetration Testing White Paper Overview As an information security expert and the security manager of the company, I am well aware of the difficulties of enterprises and organizations
More informationThink Oslo 2018 Where Technology Meets Humanity. Oslo. Felicity March Cyber Resilience - Europe
Think Oslo 2018 Where Technology Meets Humanity Oslo Felicity March Cyber Resilience - Europe Cyber Resilience Cyber Resilience is the ability of an organisation to maintain its core purpose and integrity
More informationMay the (IBM) X-Force Be With You
Ann Arbor, Michigan July 23-25 May the (IBM) X-Force Be With You A QUICK PEEK INTO ONE OF THE MOST RENOWNED SECURITY TEAMS IN THE WORLD Marlon Machado Worldwide Standardization Leader, Application Security
More informationManaging IT Risk: What Now and What to Look For. Presented By Tina Bode IT Assurance Services
Managing IT Risk: What Now and What to Look For Presented By Tina Bode IT Assurance Services Agenda 1 2 WHAT TOP TEN IT SECURITY RISKS YOU CAN DO 3 QUESTIONS 2 IT S ALL CONNECTED Introduction All of our
More informationSecurity Challenges with ITS : A law enforcement view
Security Challenges with ITS : A law enforcement view Central Observatory for Intelligent Transportation Systems FRENCH MINISTRY OF INTERIOR GENDARMERIE NATIONALE Colonel Franck MARESCAL franck.marescal@gendarmerie.interieur.gouv.fr
More informationSecuring Dynamic Data Centers. Muhammad Wajahat Rajab, Pre-Sales Consultant Trend Micro, Pakistan &
Securing Dynamic Data Centers Muhammad Wajahat Rajab, Pre-Sales Consultant Trend Micro, Pakistan & Afghanistan @WajahatRajab Modern Challenges By 2020, 60% of Digital Businesses will suffer Major Service
More informationVulnerability disclosure
Vulnerability disclosure Don t forget overall goal: improve software safety Consider incentives for researchers, software vendors, customers Supply chain can be complex Software component developers Open
More informationENDPOINT SECURITY AND THE CLOUD: HOW TO APPLY PREDICTIVE ANALYTICS AND BIG DATA
SESSION ID: SPO3-R04 ENDPOINT SECURITY AND THE CLOUD: HOW TO APPLY PREDICTIVE ANALYTICS AND BIG DATA Brian Gladstein Cybersecurity Market Strategist Carbon Black @briangladstein ASYMMETRIC WARFARE IT S
More informationCYBER FRAUD & DATA BREACHES 16 CPE s May 16-17, 2018
CYBER FRAUD & DATA BREACHES 16 CPE s May 16-17, 2018 Cyber fraud attacks happen; they can t all be stopped. The higher order question must be how can we, as fraud examiners and assurance professionals,
More informationEuropean Union Agency for Network and Information Security
Critical Information Infrastructure Protection in the EU Evangelos Ouzounis Head of Secure Infrastructure and Services Regional Cybersecurity Forum Sofia, Bulgaria 29 th November 2016 European Union Agency
More informationCertified Cyber Security Analyst VS-1160
VS-1160 Certified Cyber Security Analyst Certification Code VS-1160 Vskills certification for Cyber Security Analyst assesses the candidate as per the company s need for cyber security and forensics. The
More informationMEDICAL DEVICE SECURITY. A Focus on Patient Safety February, 2018
MEDICAL DEVICE SECURITY A Focus on Patient Safety February, 2018 WHO I AM Adam Brand I Am The Cavalry Director Privacy and Security, Protiviti Focus on Medical Device Healthcare Security Custom EEG Manufacturing,
More informationVincent van Kooten, EMEA North Fraud & Risk Intelligence Specialist RSA, The Security Division of EMC
Vincent van Kooten, EMEA North Fraud & Risk Intelligence Specialist RSA, The Security Division of EMC 1 2013 2 3 in 4 3 5.900.000.000 $ 4 RSA s Top 10 List 5 RSA s top 10 phishing list Copyright 2014 EMC
More informationCisco Networking Academy CCNA Cybersecurity Operations 1.1 Curriculum Overview Updated July 2018
Cisco Networking Academy CCNA Cybersecurity Operations 1.1 Curriculum Overview Updated July 2018 Cybersecurity Opportunities Cybercrime Costs Security Spending Cybersecurity Ventures: Cybersecurity Market
More informationFrom Design to Resign: Securing the Electronics Lifecycle
SESSION ID: STR1-R11 From Design to Resign: Securing the Electronics Lifecycle Edna Conway Chief Security Officer, Global Value Chain Cisco Systems, Inc. @edna_conway Dr. Mark Tehranipoor Intel Charles
More informationProtect Your Endpoint, Keep Your Business Safe. White Paper. Exosphere, Inc. getexosphere.com
Protect Your Endpoint, Keep Your Business Safe. White Paper Exosphere, Inc. getexosphere.com White Paper Today s Threat Landscape Cyber attacks today are increasingly sophisticated and widespread, rendering
More informationCyber (In)Security. What Business Leaders Need To Know. Roy Luebke Innovation and Growth Consultant. Presented by:
For audio difficulties please use conference number: 515-739-1030 Access: 385039# Cyber (In)Security What Business Leaders Need To Know Presented by: Roy Luebke Innovation and Growth Consultant July 12,
More informationPanda Security 2010 Page 1
Panda Security 2010 Page 1 Executive Summary The malware economy is flourishing and affecting both consumers and businesses of all sizes. The reality is that cybercrime is growing exponentially in frequency
More informationSEPTEMBER 24-25, 2017 Lucknow, India SPONSORSHIP KIT SPONSORSHIP KIT.
SEPTEMBER 24-25, 2017 Lucknow, India SPONSORSHIP KIT SPONSORSHIP KIT www.hackersday.org ABOUT NISS National Information Security (NISS) is an initiative of National Information Security Council which is
More informationCYBERSMART BUILDINGS. Securing Your Investments in Connectivity and Automation
CYBERSMART BUILDINGS Securing Your Investments in Connectivity and Automation JANUARY 2018 WELCOME STEVE BRUKBACHER Application Security Manager Global Product Security Johnson Controls 1 WHY ARE WE HERE
More informationApr. 10, Vulnerability disclosure and handling processes strengthen security programs
Joint Comments on "Framework for Improving Critical Infrastructure Cybersecurity" version 1.1 Before the National Institute of Standards and Technology Apr. 10, 2017 We the undersigned companies, civil
More informationForeScout Extended Module for Splunk
Enterprise Strategy Group Getting to the bigger truth. ESG Lab Review ForeScout Extended Module for Splunk Date: May 2017 Author: Tony Palmer, Senior Lab Analyst Abstract This report provides a first look
More informationPresented by Ingrid Fredeen and Pamela Passman. Copyright 2017NAVEXGlobal,Inc. AllRightsReserved. Page 0
Cyber Security and Inside Threats: Turning Policies into Practices Presented by Ingrid Fredeen and Pamela Passman Copyright 2017NAVEXGlobal,Inc. AllRightsReserved. Page 0 Presented By Ingrid Fredeen, J.D.
More informationBreaking the Blockchain: Real-World Use Cases, Opportunities and Challenges
SESSION ID: BAC-W12 Breaking the Blockchain: Real-World Use Cases, Opportunities and Challenges Dr. Michael Mylrea Senior Advisor for Cybersecurity & Blockchain Lead Pacific Northwest National Laboratory
More informationCybersecurity Vulnerabilities and Process Frameworks for Oil and Gas
Cybersecurity Vulnerabilities and Process Frameworks for Oil and Gas Presentation to WVONGA Jack L. Shaffer, Jr. Business Transformation Director vcio/ vciso 2017 Cybersecurity in the news Ransomware Wanacry,
More informationReading the Tea Leaves of the 2015 RSA Conference Submissions
Reading the Tea Leaves of the 2015 RSA Conference Submissions Hugh Thompson RSA Conference 2015 Program Committee Chairman Britta Glade RSA Conferences Senior Content Manager Agenda Quick submission &
More informationSHA-1 to SHA-2. Migration Guide
SHA-1 to SHA-2 Migration Guide Web-application attacks represented 40 percent of breaches in 2015. Cryptographic and server-side vulnerabilities provide opportunities for cyber criminals to carry out ransomware
More informationwith Advanced Protection
with Advanced Email Protection OVERVIEW Today s sophisticated threats are changing. They re multiplying. They re morphing into new variants. And they re targeting people, not just technology. As organizations
More informationCCNA Cybersecurity Operations 1.1 Scope and Sequence
CCNA Cybersecurity Operations 1.1 Scope and Sequence Last updated June 18, 2018 Introduction Today's organizations are challenged with rapidly detecting cybersecurity breaches and effectively responding
More informationCLEARING THE PATH: PREVENTING THE BLOCKS TO CYBERSECURITY IN BUSINESS
CLEARING THE PATH: PREVENTING THE BLOCKS TO CYBERSECURITY IN BUSINESS Introduction The world of cybersecurity is changing. As all aspects of our lives become increasingly connected, businesses have made
More information