Catching Inside Attackers
|
|
|
- Cecil McDonald
- 5 years ago
- Views:
Transcription
1 Catching Inside Attackers Balancing Forensic Detectability and Privacy of Employees Jens Lindemann, Ephraim Zimmer, Dominik Herrmann, Hannes Federrath October 29, 2015
2 2014 US state of cybercrime survey [CER14] Participants who experienced an insider incident Electronic crimes, that were more costly or damaging Catching Inside Attackers Slide 2 of 17
![Infosecurity Magazine [Inf12]](/docs-images/94/122269536/images/3-0.jpg "Catching Inside Attackers Slide 3")
3 Infosecurity Magazine [Inf12] Catching Inside Attackers Slide 3 of 17
4 Agenda State of the art Future research Challenges Catching Inside Attackers Slide 4 of 17
5 State of the art Catching Inside Attackers Slide 5 of 17
6 Non-technical countermeasures Common sense guide [Sil+12] Main focus on motivations, opportunities and employee training Derived from control domains specified in Annex A of ISO Catching Inside Attackers Slide 6 of 17
7 Technical countermeasures Network-based approaches Honeypots and honeytokens [Spi03] Network traffic collection and analysis (ELICIT) [MS07] Host-based user profiling Unix commandline activities [Sch+01] MS Windows process table and window titles [Gol03] Catching Inside Attackers Slide 7 of 17
8 Integrated approaches Classical security audit data & psychological data [GF10] Insider threat indicator ontology & processable operational context data from Human Resources [Cos+15] Catching Inside Attackers Slide 8 of 17
9 Future research Catching Inside Attackers Slide 9 of 17
10 Missing bits and bytes Consistent definitions Universal datasets Evaluation and comparision Detection vs. prevention Catching Inside Attackers Slide 10 of 17
11 Prevention possible? Post-mortem detection Attribution Efficient techniques (i. e. anomaly detection) Reliable data sources Catching Inside Attackers Slide 11 of 17
12 Prevention possible? Post-mortem detection Attribution Efficient techniques (i. e. anomaly detection) Reliable data sources Existing work False-positives Detection Honeypots [Spi03] - - ELICIT [MS07] Unix [Sch+01] Windows [Gol03] - - Catching Inside Attackers Psychology [GF10] - - Ontology [Cos+15] - - Slide 11 of 17
13 Prevention possible? Post-mortem detection Attribution Efficient techniques (i. e. anomaly detection) Reliable data sources Catching Inside Attackers Slide 11 of 17
14 Veracity Catching Inside Attackers Slide 12 of 17
15 Veracity [Gol12] Catching Inside Attackers Slide 12 of 17
16 Challenges Catching Inside Attackers Slide 13 of 17
17 Data protection Privacy Detectability Data protection laws Misuse for surveillance Long time periods Linkability of behaviour to individuals Obfuscation De-anonymisation for anomaly detection Attribution Inside attacker identification y Revocable anonymity under certain conditions Catching Inside Attackers Slide 14 of 17
18 Evaluation of detection / prevention techniques Data capture in production environments? Impact of anonymisation/filtering on countermeasures? Resembling the real world? y Synthetically generated datasets Catching Inside Attackers Slide 15 of 17
19 Prospects 2014 US State of Cybercrime Survey Only 49% of all respondents have a plan for responding to insider threats. [MSP14] WiK/ASW Sicherheits-Enquête 2014/ % of the surveyed 160 security experts don t have strategies to counter or exacerbate data leakage. [WiK15] Catching Inside Attackers Slide 16 of 17
20 Comprehensive definitions and consistent terms Lao Tzu If you do not change direction, you may end up where you are heading. Universal datasets of inside attacker activities Comparable evaluation Insider attack detection via the veracity concept Tradeoff between privacy and detectability Revocable Anonymity under certain conditions Catching Inside Attackers Slide 17 of 17
21 References I CERT Insider Threat Center U.S. State of Cybercrime Survey url: (visited on 10/09/2015) (cit. on p. 2). Cliparts created by Freepik and derived from Flaticon. Licensed under Creative Commons BY 3.0. url: (visited on 10/28/2015). Daniel L. Costa et al. An Ontology for Insider Threat Indicators. In: 10th International Conference on Semantic Technology for Intelligence, Defense, and Security (STIDS) (2015). url: (visited on 09/25/2015) (cit. on pp. 8, 12). Frank L Greitzer and Deborah A Frincke. Combining traditional cyber security audit data with psychosocial data: towards predictive modeling for insider threat mitigation. In: Insider Threats in Cyber Security. Springer, 2010, pp (cit. on pp. 8, 12). Tom Goldring. User profiling for intrusion detection in windows nt. In: Proceedings of the 35th Symposium on the Interface (cit. on pp. 7, 12). Dieter Gollmann. Veracity, Plausibility, and Reputation. In: Information Security Theory and Practice. Security, Privacy and Trust in Computing Systems and Ambient Intelligent Ecosystems - 6th IFIP WG 11.2 International Workshop, WISTP 2012, Egham, UK, June 20-22, Proceedings. Ed. by Ioannis G. Askoxylakis, Henrich Christopher Pöhls, and Joachim Posegga. Vol Lecture Notes in Computer Science. Springer, 2012, pp isbn: doi: / _3 (cit. on p. 15). Catching Inside Attackers Slide 18 of 17
22 References II Infosecurity Magazine. Swiss intelligence agency loses terabytes of data to an insider url: (visited on 10/28/2015) (cit. on p. 3). Marcus A. Maloof and Gregory D. Stephens. ELICIT: A System for Detecting Insiders Who Violate Need-to-Know. In: Recent Advances in Intrusion Detection. Ed. by Christopher Kruegel, Richard Lippmann, and Andrew Clark. Vol Lecture Notes in Computer Science. Springer Berlin Heidelberg, 2007, pp url: (visited on 09/21/2015) (cit. on pp. 7, 12). Kevin Michelberg, Laurie Schive, and Neal Pollard. US cybercrime: Rising risks, reduced readiness Key findings from the 2014 US State of Cybercrime Survey url: (visited on 09/24/2015) (cit. on p. 19). Matthias Schonlau et al. Computer Intrusion: Detecting Masquerades. In: StatisticalScience 16.1 (2001), pp url: (visited on 09/17/2015) (cit. on pp. 7, 12). George Silowash et al. Common Sense Guide to Mitigating Insider Threats. Tech. rep. CMU/SEI-2012-TR-012. Pittsburgh, PA: Software Engineering Institute, Carnegie Mellon University, url: (visited on 09/24/2015) (cit. on p. 6). Lance Spitzner. Honeypots: catching the insider threat. In: Computer Security Applications Conference, Proceedings. 19th Annual. IEEE Computer Society, Dec. 2003, pp (cit. on pp. 7, 12). Catching Inside Attackers Slide 19 of 17
23 References III WiK - Zeitschrift für die Sicherheit der Wirtschaft, ASW Bundesverband. WiK/ASW Sicherheits-Enquête 2014/ url: (visited on 10/28/2015) (cit. on p. 19). Catching Inside Attackers Slide 20 of 17
Insider Threats in Cyber Security
Insider Threats in Cyber Security Advances in Information Security Sushil Jajodia Consulting Editor Center for Secure Information Systems George Mason University Fairfax, VA 22030-4444 email: jajodia@gmu.edu
Insider Threats. Nathalie Baracaldo. School of Information Sciences. March 26 th, 2015
Insider Threats Nathalie Baracaldo Ph.D. Candidate date School of Information Sciences March 26 th, 2015 1 Insider Attacks According to CERT insider attackers are defined as: Currently or previously employed
The Insider Threat Center: Thwarting the Evil Insider
The Insider Threat Center: Thwarting the Evil Insider The CERT Top 10 List for Winning the Battle Against Insider Threats Randy Trzeciak 14 June 2012 2007-2012 Carnegie Mellon University Notices 2011 Carnegie
The CERT Top 10 List for Winning the Battle Against Insider Threats
The CERT Top 10 List for Winning the Battle Against Insider Threats Dawn Cappelli CERT Insider Threat Center Software Engineering Institute Carnegie Mellon University Session ID: STAR-203 Session Classification:
Threat analysis. Tuomas Aura CS-C3130 Information security. Aalto University, autumn 2017
Threat analysis Tuomas Aura CS-C3130 Information security Aalto University, autumn 2017 Outline What is security Threat analysis Threat modeling example Systematic threat modeling 2 WHAT IS SECURITY 3
Advanced IT Risk, Security management and Cybercrime Prevention
Advanced IT Risk, Security management and Cybercrime Prevention Course Goal and Objectives Information technology has created a new category of criminality, as cybercrime offers hackers and other tech-savvy
A fault tolerance honeypots network for securing E-government
A fault tolerance honeypots network for securing E-government Shahriar Mohammadi Bahman Nikkhahan smohammadi40@yahoo.com Nikkhahan@sina.kntu.ac.ir Information Technology Engineering Group, Department of
Bradford J. Willke. 19 September 2007
A Critical Information Infrastructure Protection Approach to Multinational Cyber Security Events Bradford J. Willke 19 September 2007 Overview A framework for national Critical Information Infrastructure
STANDARD INFORMATION SHARING FORMATS. Will Semple Head of Threat and Vulnerability Management New York Stock Exchange
STANDARD INFORMATION SHARING FORMATS Will Semple Head of Threat and Vulnerability Management New York Stock Exchange AGENDA Information Sharing from the Practitioner s view Changing the focus from Risk
2013 US State of Cybercrime Survey
2013 US State of Cybercrime Survey Unknown How 24 % Bad is the Insider Threat? Insiders 51% 2007-2013 Carnegie Mellon University Report Documentation Page Form Approved OMB No. 0704-0188 Public reporting
Cybersecurity, safety and resilience - Airline perspective
Arab Civil Aviation Commission - ACAC/ICAO MID GNSS Workshop Cybersecurity, safety and resilience - Airline perspective Rabat, November, 2017 Presented by Adlen LOUKIL, Ph.D CEO, Resys-consultants Advisory,
The Republic of Korea. economic and social benefits. However, on account of its open, anonymous and borderless
The Republic of Korea Executive Summary Today, cyberspace is a new horizon with endless possibilities, offering unprecedented economic and social benefits. However, on account of its open, anonymous and
Incident Response Services
Services Enhanced with Supervised Machine Learning and Human Intelligence Empowering clients to stay one step ahead of the adversary. Secureworks helps clients enable intelligent actions to outsmart and
IT Security in Large IT Infrastructures SS18 Lecture 00: Preliminary Discussion
IT Security in Large IT Infrastructures SS18 Lecture 00: Preliminary Discussion Florian Fankhauser Christian Schanes Christian Brem Franz Mairhofer INSO Industrial Software Institute of Information Systems
The GenCyber Program. By Chris Ralph
The GenCyber Program By Chris Ralph The Mission of GenCyber Provide a cybersecurity camp experience for students and teachers at the K-12 level. The primary goal of the program is to increase interest
Insider Threats: Actual Attacks by Current and Former Software Engineers
Insider Threats: Actual Attacks by Current and Former Software Engineers 9 June 2011 Dawn Cappelli 2007-2011 Carnegie Mellon University Agenda Introduction to the CERT Insider Threat Center CERT s Insider
Security and privacy in the smartphone ecosystem: Final progress report
Security and privacy in the smartphone ecosystem: Final progress report Alexios Mylonas Athens University of Economics & Business Overview 2 Research Motivation Related work Objective Approach Methodology
Certified Cyber Security Analyst VS-1160
VS-1160 Certified Cyber Security Analyst Certification Code VS-1160 Vskills certification for Cyber Security Analyst assesses the candidate as per the company s need for cyber security and forensics. The
*** THIS DOCUMENT IS CLASSIFIED FOR PUBLIC ACCESS ***
Introduction and Bio CyberSecurity Defined CyberSecurity Risks NIST CyberSecurity Framework References *** THIS DOCUMENT IS CLASSIFIED FOR PUBLIC ACCESS *** Chapter 3. Framework Implementation Relationship
Components and Considerations in Building an Insider Threat Program
Components and Considerations in Building an Insider Threat Program Carly Huth Insider Threat Researcher, CEWM Carly L. Huth is an insider threat researcher in the Cyber Enterprise and Workforce Management
IPS with isensor sees, identifies and blocks more malicious traffic than other IPS solutions
IPS Effectiveness IPS with isensor sees, identifies and blocks more malicious traffic than other IPS solutions An Intrusion Prevention System (IPS) is a critical layer of defense that helps you protect
Professional Training Course - Cybercrime Investigation Body of Knowledge -
Overview The expanded use of the Internet has facilitated rapid advances in communications, systems control, and information sharing. Those advances have created enormous opportunities for society, commerce
Clarity on Cyber Security. Media conference 29 May 2018
Clarity on Cyber Security Media conference 29 May 2018 Why this study? 2 Methodology Methodology of the study Online survey consisting of 33 questions 60 participants from C-Level (CISOs, CIOs, CTOs) 26
Overview Intrusion Detection Systems and Practices
Overview Intrusion Detection Systems and Practices Chapter 13 Lecturer: Pei-yih Ting Intrusion Detection Concepts Dealing with Intruders Detecting Intruders Principles of Intrusions and IDS The IDS Taxonomy
Security & Phishing
Email Security & Phishing Best Practices In Cybersecurity Presenters Bill Shieh Guest Speaker Staff Engineer Information Security Ellie Mae Supervisory Special Agent Cyber Crime FBI 2 What Is Phishing?
Intrusion Detection. Daniel Bosk. Department of Information and Communication Systems, Mid Sweden University, Sundsvall.
Intrusion Detection Daniel Bosk Department of Information and Communication Systems, Mid Sweden University, Sundsvall. intrusion.tex 2093 2014-11-26 12:20:57Z danbos Overview 1 Intruders Intruders Behaviour
Cyber Risks in the Boardroom Conference
Cyber Risks in the Boardroom Conference Managing Business, Legal and Reputational Risks Perspectives for Directors and Executive Officers Preparing Your Company to Identify, Mitigate and Respond to Risks
National Cyber Security Strategy 2016
National Cyber Security Strategy 2016 26th of April 2017, Athens Samuel Rothenpieler, International Relations Advisor, Federal Office for Information Security (BSI) Mission Statement of the German Federal
Preventing Insider Sabotage: Lessons Learned From Actual Attacks
Preventing Insider Sabotage: Lessons Learned From Actual Attacks Dawn Cappelli November 14, 2005 2005 Carnegie Mellon University Report Documentation Page Form Approved OMB No. 0704-0188 Public reporting
Honeypots. Security on Offense. by Kareem Sumner
Honeypots Security on Offense by Kareem Sumner Agenda Introduction What Are Honeypots? Objectives Successful Deployment Advantages And Disadvantages Types Of Honeypots Honeypot Software Future of Honeypots/Honeynets
A Comparative Study of Teaching Forensics at a University Degree Level
A Comparative Study of Teaching Forensics at a University Degree Level Martin Mink University of Mannheim, Germany IMF 2006, Stuttgart October 19 Joint Work Laboratory for Dependable Distributed Systems
Security Aspects of Trust Services Providers
Security Aspects of Trust Services Providers Please replace background with image European Union Agency for Network and Information Security 24 th September 2013 www.enisa.europa.eu Today s agenda 09:30-10:00
Operational Network Security
Tim Boerner April 25, 2013 CS598 Network Security Operational Network Security or how I learned that the purpose of network security has little to do with actually securing the network Introduction Thinking
A FRAMEWORK TO EFFECTIVELY DEVELOP INSIDER THREAT CONTROLS
SESSION ID: HUM-R02 A FRAMEWORK TO EFFECTIVELY DEVELOP INSIDER THREAT CONTROLS Randy Trzeciak Director CERT National Insider Threat Center Software Engineering Institute Carnegie Mellon University Dan
SPECIAL ISSUE, PAPER ID: IJDCST-09 ISSN
Digital Forensics CH. RAMESH BABU, Asst.Proffessor, Dept. Of MCA, K.B.N.College, Vijayawada Abstract: The need for computer intrusion forensics arises from the alarming increase in the number of computer
Media Kit. California Cybersecurity Institute
Media Kit Fact Sheet Cybercrime A Growing Threat Cybercriminals are invisible enemies who jeopardize our nation s security in increasingly sophisticated and pervasive ways. According to the Government
Insider Threat Program: Protecting the Crown Jewels. Monday, March 2, 2:15 pm - 3:15 pm
Insider Threat Program: Protecting the Crown Jewels Monday, March 2, 2:15 pm - 3:15 pm Take Away Identify your critical information Recognize potential insider threats What happens after your critical
Police Technical Approach to Cyber Threats
Police Technical Approach to Cyber Threats Jumpei Kawahara Director of High-Tech Crime Technology Division, National Police Agency, Japan 1 Overview (cases) Current Situation 140000 140,000 120000 100000
Cybersecurity Auditing in an Unsecure World
About This Course Cybersecurity Auditing in an Unsecure World Course Description $5.4 million that s the average cost of a data breach to a U.S.-based company. It s no surprise, then, that cybersecurity
Goal-Based Assessment for the Cybersecurity of Critical Infrastructure
Goal-Based Assessment for the Cybersecurity of Critical Infrastructure IEEE HST 2010 November 10, 2010 NO WARRANTY THIS MATERIAL OF CARNEGIE MELLON UNIVERSITY AND ITS SOFTWARE ENGINEERING INSTITUTE IS
CERT Overview. Jeffrey J. Carpenter 2008 Carnegie Mellon University
CERT Overview Jeffrey J. Carpenter 2008 Carnegie Mellon University Software Engineering Institute Department of Defense R&D Laboratory FFRDC Created in 1984 Administered by Carnegie Mellon
Virtual CMS Honey pot capturing threats In web applications 1 BADI ALEKHYA, ASSITANT PROFESSOR, DEPT OF CSE, T.J.S ENGINEERING COLLEGE
International Journal of Scientific & Engineering Research, Volume 4, Issue 4, April-2013 1492 Virtual CMS Honey pot capturing threats In web applications 1 BADI ALEKHYA, ASSITANT PROFESSOR, DEPT OF CSE,
Safeguarding company from cyber-crimes and other technology scams ASSOCHAM
www.pwc.com Safeguarding company from cyber-crimes and other technology scams ASSOCHAM Rahul Aggarwal - Director The new digital business ecosystem is complex and highly interconnected The new business
Cyber Threat Prioritization
Cyber Threat Prioritization FSSCC Threat and Vulnerability Assessment Committee Jay McAllister Report Documentation Page Form Approved OMB No. 0704-0188 Public reporting burden for the collection of information
CYBER SECURITY AND MITIGATING RISKS
CYBER SECURITY AND MITIGATING RISKS 01 WHO Tom Stewart Associate Director Technology Consulting Chicago Technical Security Leader Protiviti Slides PRESENTATION AGENDA 3 START HACKING DEFINITION BRIEF HISTORY
Security Policy Guidelines
Security Policy Guidelines CSH6 Chapter 44 Security Policy Guidelines M. E. Kabay & Bridgett Robertson Selected Topics in CSH6 Ch 44 Terminology Resources for Policy Writers Writing the Policies Organizing
Confronting the Threat. Wednesday, August 8, 2006, 2-3:15 PM Debbie Christofferson, CISSP, CISM Sapphire-Security Services LLC
Confronting the Threat Inside the Castle Walls Wednesday, August 8, 2006, 2-3:15 PM Debbie Christofferson, CISSP, CISM Sapphire-Security Services LLC 1 Debbie Christofferson, CISSP, CISM Sapphire-Security
How AlienVault ICS SIEM Supports Compliance with CFATS
How AlienVault ICS SIEM Supports Compliance with CFATS (Chemical Facility Anti-Terrorism Standards) The U.S. Department of Homeland Security has released an interim rule that imposes comprehensive federal
Japan s Cyber Diplomacy
Japan s Cyber Diplomacy As the importance of cyberspace is increasing, cyber threats are rapidly growing. The Ministry of Foreign Affairs (MOFA) needs to lead international discussions on how to ensure
Cyber Security Technologies
1 / Cyber Security Technologies International Seminar on Cyber Security: An Action to Establish the National Cyber Security Center Lisbon, 12 th September 2013 23 / Key highlights - Thales Group Thales
Course overview. CompTIA Security+ Certification (Exam SY0-501) Study Guide (G635eng v107)
Overview This course is intended for those wishing to qualify with CompTIA Security+. CompTIA's Security+ Certification is a foundation-level certificate designed for IT administrators with 2 years' experience
ENISA & Cybersecurity. Dr. Udo Helmbrecht Executive Director, European Network & Information Security Agency (ENISA) 25 October 2010
ENISA & Cybersecurity Dr. Udo Helmbrecht Executive Director, European Network & Information Security Agency (ENISA) 25 October 2010 Agenda Some Definitions Some Statistics ENISA & Cybersecurity Conclusions
CyberSecurity Training and Capacity Building: A Starting Point for Collaboration and Partnerships. from the most trusted name in information security
CyberSecurity Training and Capacity Building: A Starting Point for Collaboration and Partnerships About SANS The SANS (SysAdmin, Audit, Network, Security) Institute Established in 1989 Cooperative research
Privacy-Preserving DNS
Privacy-Preserving DNS Analysis of Broadcast, Range Queries and Mixes Hannes Federrath, Karl-Peter Fuchs, Dominik Herrmann, Christopher Piosecny University of Hamburg (Germany) 1 Agenda Missing Privacy
Information Security Specialist. IPS effectiveness
Information Security Specialist IPS effectiveness IPS with isensor sees, identifies and blocks more malicious traffic than other IPS solutions An Intrusion Prevention System (IPS) is a critical layer of
Managed Endpoint Defense
DATA SHEET Managed Endpoint Defense Powered by CB Defense Next-gen endpoint threat detection and response DEPLOY AND HARDEN. Rapidly deploy and optimize endpoint prevention with dedicated security experts
Panelists. Moderator: Dr. John H. Saunders, MITRE Corporation
SCADA/IOT Panel This panel will focus on innovative & emerging solutions and remaining challenges in the cybersecurity of industrial control systems ICS/SCADA. Representatives from government and infrastructure
Defining cybersecurity.
PREPARING FOR TOMORROW S THREATS 28 September 2016 Andrew Facchini Presales & Product Manager +47 459 07 330 andrew@mnemonic.no Defining cybersecurity. WHO IS MNEMONIC? Founded in 2000 110+ security specialists
CIT 480: Securing Computer Systems. Putting It All Together
CIT 480: Securing Computer Systems Putting It All Together Assurance 1. Asset identification 1. Systems and information assets. 2. Infrastructure model and control 1. Network diagrams and inventory database.
A Security Risk Analysis Model for Information Systems
A Security Risk Analysis Model for Information Systems Hoh Peter In 1,*, Young-Gab Kim 1, Taek Lee 1, Chang-Joo Moon 2, Yoonjung Jung 3, and Injung Kim 3 1 Department of Computer Science and Engineering,
CYBER FRAUD & DATA BREACHES 16 CPE s May 16-17, 2018
CYBER FRAUD & DATA BREACHES 16 CPE s May 16-17, 2018 Cyber fraud attacks happen; they can t all be stopped. The higher order question must be how can we, as fraud examiners and assurance professionals,
CIP-014. JEA Compliance Approach. FRCC Fall Compliance Workshop Presenter Daniel Mishra
CIP-014 JEA Compliance Approach FRCC Fall Compliance Workshop Presenter Daniel Mishra Acronyms & Terminologies DHS Department of Homeland Security JEA It s not an acronym JSO Jacksonville Sheriff's Office
NYDFS Cybersecurity Regulations: What do they mean? What is their impact?
June 13, 2017 NYDFS Cybersecurity Regulations: What do they mean? What is their impact? Gus Coldebella Principal, Boston Caroline Simons Principal, Boston Agenda 1) Overview of the new regulations 2) Assessing
CS Review. Prof. Clarkson Spring 2017
CS 5430 Review Prof. Clarkson Spring 2017 Recall: Audit logs Recording: what to log what not to log how to log locally remotely how to protect the log Reviewing: manual exploration automated analysis MANUAL
Protecting Critical Energy Infrastructure International Multistakeholder Conference, Training & Exhibition
VIENNA CYBER SECURITY WEEK 2018 Protecting Critical Energy Infrastructure International Multistakeholder Conference, Training & Exhibition SECURITY & DIPLOMACY 29-30 January 15A Favoritenstraße, 1040 Taubstummengasse
Security Pitfalls. A review of recurring failures. Dr. Dominik Herrmann. Download slides at https://dhgo.to/pitfalls
Security Pitfalls A review of recurring failures Dr. Dominik Herrmann Download slides at https://dhgo.to/pitfalls Research on security, privacy, online tracking, forensics. Postdoc researcher University
Optimized Packet Filtering Honeypot with Intrusion Detection System for WLAN
Amandeep Singh, Pankush Singla, Navdeep Kaur Khiva 101 Optimized Packet Filtering Honeypot with Intrusion Detection System for WLAN Amandeep Singh Pankush Sukhpreet Singla Singh Navdeep Kaur Khiva Second
Preempting Cyber Fraud: SWIFT Threat Indicator Sharing Tool. Cyber Security 3.0 Better Together August 18, 2017
Preempting Cyber Fraud: SWIFT Threat Indicator Sharing Tool Cyber Security 3.0 Better Together August 18, 2017 Research Overview Problem Statement Research Goals & Methodology Defining Insider Cashout
CYBERBIT P r o t e c t i n g a n e w D i m e n s i o n
CYBERBIT P r o t e c t i n g a n e w D i m e n s i o n CYBETBIT in a Nutshell A leader in the development and integration of Cyber Security Solutions A main provider of Cyber Security solutions for the
Ahead of the next curve
Ahead of the next curve Clarity on Cyber Security 30 May 2017 #KPMG_Cyber Study results Work on what s now think about what s next Evolution of cyber risk in Switzerland No time to waste to discuss cyber
ISACA GEEK WEEK SECURITY MANAGEMENT TO ENTERPRISE RISK MANAGEMENT USING THE ISO FRAMEWORK AUGUST 19, 2015
ISACA GEEK WEEK SECURITY MANAGEMENT TO ENTERPRISE RISK MANAGEMENT USING THE ISO 27001 FRAMEWORK AUGUST 19, 2015 Agenda Coalfire Overview Threat Landscape What is ISO Why ISO ISO Cycle Q&A 2 Presenters
ITU CBS. Digital Security Capacity Building: Role of the University GLOBAL ICT CAPACITY BUILDING SYMPOSIUM SANTO DOMINGO 2018
GLOBAL ICT CAPACITY BUILDING SYMPOSIUM ITU CBS SANTO DOMINGO 2018 Digital Capacity Building: Role of the University 18 20 June 2018 Santo Domingo, Dominican Republic Dr. Nizar Ben Neji Faculty of Sciences
Physical security advisory services Securing your organisation s future
Physical security advisory services Securing your organisation s future August 2018 KPMG.com/in Physical security threats on the rise In a dynamic geo-political, economic and social environment, businesses
Introduction to ISO/IEC 27001:2005
Introduction to ISO/IEC 27001:2005 For ISACA Melbourne Chapter Technical Session 18 th of July 2006 AD Prepared by Endre P. Bihari JP of Performance Resources What is ISO/IEC 17799? 2/20 Aim: Creating
EU policy on Network and Information Security & Critical Information Infrastructures Protection
EU policy on Network and Information Security & Critical Information Infrastructures Protection Köln, 10 March 2011 Valérie ANDRIANAVALY European Commission Directorate General Information Society and
Kevin Mandia MANDIANT. Carnegie Mellon University Incident Response Master of Information System Management
The State of the Hack Kevin Mandia MANDIANT Who Am I? Adjunct Professor Carnegie Mellon University 95-856 Incident Response Master of Information System Management The George Washington University Computer
LONDON SUMMER 2016 SAT 9 SAT 16 JULY, 2016 #SANSLONDON. 14 SANS COURSES SEC566 Implementing and Auditing the Critical Security Controls- In Depth
THE WORLD S LARGEST & MOST TRUSTED PROVIDER OF CYBER URITY TRAINING LONDON SUMMER 201 SAT 9 SAT 1 JULY, 201 #SANSLONDON 401 Security Essentials Bootcamp Style 03 Intrusion Detection In-Depth 0 Securing
Cyber Security Roadmap
Cyber Security Roadmap The Hague, 25 May 2011 Security: Developing a Secure Cyberspace Protecting the 5 th Domain As with land, sea, air and space, a safe Cyberspace is crucial for our societies. Different
Incident Response Services to Help You Prepare for and Quickly Respond to Security Incidents
Services to Help You Prepare for and Quickly Respond to Security Incidents The Challenge The threat landscape is always evolving and adversaries are getting harder to detect; and with that, cyber risk
Current Threat Environment
Current Threat Environment Software Engineering Institute Carnegie Mellon University Pittsburgh, PA 15213, PhD Technical Director, CERT mssherman@sei.cmu.edu 29-Aug-2014 Report Documentation Page Form
to Enhance Your Cyber Security Needs
Our Service to Enhance Your Cyber Security Needs Since the business critical systems by its nature are ON all of the time and the increasingly connected world makes you open your organization to everything
CHIME and AEHIS Cybersecurity Survey. October 2016
CHIME and AEHIS Cybersecurity Survey October 2016 Fielding and Reponses Responses: 190 Survey fielded: Approximately a month (8/29-9/30) Demographics In what state or U.S. territory do you currently work?
A Response Strategy Model for Intrusion Response Systems
A Response Strategy Model for Intrusion Response Systems Nor Badrul Anuar 1,2, Maria Papadaki 1, Steven Furnell 1,3, and Nathan Clarke 1,3 1 Centre for Security, Communications and Network Research (CSCAN),
COMPUTER FORENSICS (CFRS)
Computer Forensics (CFRS) 1 COMPUTER FORENSICS (CFRS) 500 Level Courses CFRS 500: Introduction to Forensic Technology and Analysis. 3 credits. Presents an overview of technologies of interest to forensics
National Cyber Security Strategy - Qatar. Michael Lewis, Deputy Director
National Cyber Security Strategy - Qatar Michael Lewis, Deputy Director 2 Coordinating a National Approach to Cybersecurity ITU Pillars of Cybersecurity as a Reference Point providing the collected best
Course 832 EC-Council Computer Hacking Forensic Investigator (CHFI)
Course 832 EC-Council Computer Hacking Forensic Investigator (CHFI) Duration: 5 days You Will Learn How To Understand how perimeter defenses work Scan and attack you own networks, without actually harming
Honey Pot Be afraid Be very afraid
Honey Pot Be afraid Be very afraid Presented By Shubha Joshi M.Tech(CS) Problems with internet Why? Problems The Internet security is hard New attacks every day Our computers are static targets What should
Managing Risk; A Model For Deterring Trespassers
Managing Risk; A Model For Deterring Trespassers Operation Lifesaver 16 th International Symposium Inspector William J. Law Aug 31, 2010 Baltimore MD Trespass Prevention and Mitigation; Managing Risk Focus
THE WOMBAT API handling incidents by querying a world-wide network of advanced honeypots
THE WOMBAT API handling incidents by querying a world-wide network of advanced honeypots Piotr Kijewski, Adam Kozakiewicz 15th June 2010 22nd Annual FIRST Conference, Miami WOMBAT Project EU 7th FRAMEWORK
How do you decide what s best for you?
How do you decide what s best for you? Experience Transparency Leadership Commitment Cost reduction Security Trustworthiness Credibility Confidence Reliability Compliance Privacy Expertise Flexibility
U.S. State of Cybercrime
EXCLUSIVE RESEARCH FROM EXECUTIVE SUMMARY 2017 U.S. State of Cybercrime IDG Communications, Inc. 2017 U.S. State of Cybercrime TODAY S CYBERCRIMES ARE BECOMING MORE TARGETED AND BUILT FOR MAXIMUM IMPACT,
CLOSING THE DOOR TO CYBER ATTACKS HOW ENTERPRISES CAN IMPLEMENT COMPREHENSIVE INFORMATION SECURITY
CLOSING THE DOOR TO CYBER ATTACKS HOW ENTERPRISES CAN IMPLEMENT COMPREHENSIVE INFORMATION SECURITY CLOSING THE DOOR TO CYBER ATTACKS Cybersecurity and information security have become key challenges for
Greg Garcia President, Garcia Cyber Partners Former Assistant Secretary for Cyber Security and Communications, U.S. Department of Homeland Security
1 Greg Garcia President, Garcia Cyber Partners Former Assistant Secretary for Cyber Security and Communications, U.S. Department of Homeland Security 2 Government Services 3 Business Education Social CYBERSPACE
Defining Computer Security Incident Response Teams
Defining Computer Security Incident Response Teams Robin Ruefle January 2007 ABSTRACT: A computer security incident response team (CSIRT) is a concrete organizational entity (i.e., one or more staff) that
EC-Council Certified Network Defender (CND) Duration: 5 Days Method: Instructor-Led
EC-Council Certified Network Defender (CND) Duration: 5 Days Method: Instructor-Led Certification: Certified Network Defender Exam: 312-38 Course Description This course is a vendor-neutral, hands-on,
The State of the Hack. Kevin Mandia MANDIANT
The State of the Hack Kevin Mandia MANDIANT Who Am I? Adjunct Professor Carnegie Mellon University 95-856 Incident Response Master of Information System Management The George Washington University Computer
CYBER SECURITY TRAINING
CYBER Security skills for the digital age. Cyber Crime has never been more predominant. The number of breaches is exponentially rising year on year leading to an ever increasing Cyber Security threat.
Cybersecurity Strategy of the Republic of Cyprus
Cybersecurity Strategy of the Republic of Cyprus George Michaelides Commissioner of Electronic Communications and Postal Regulation http://www.ocecpr.org.cy 12 th February 2016 Cybersecurity Strategy of
Cyber Security in Europe
Cyber Security in Europe ENISA supporting the National Cyber Security Strategies An evaluation framework Liveri Dimitra Security and Resilience of Communication Networks Officer www.enisa.europa.eu Securing
A new approach to Cyber Security
A new approach to Cyber Security Feel Free kpmg.ch We believe cyber security should be about what you can do not what you can t. DRIVEN BY BUSINESS ASPIRATIONS We work with you to move your business forward.