Intro to Capture the Flag

Transcription

1 Intro to Capture the Flag Talk for General Audience: Why Capture the Flag (CTFs) Matter. Synopsis: CTFs are one example of a gamified learning environment. Gamified ecosystems pose many benefits to professional organizations, specifically in the areas of recruiting, retention, and productivity. Even if you are not a techie or have no desire to be a competitor, come learn why they are increasingly used for talent identification and cultivation. And while you re here, let s get you registered for the IUP/InfraGard CTF. You re here to network and be exposed to new things outside your comfort zone, right?

2 Combating Technical and Human Vulnerabilities Synopsis: Managing cybersecurity threats in today s enterprise is a complex undertaking. Foundational to meeting today s challenges is an effective cybersecurity program that enables resilience against today s advanced threats. Ultimately, Cyber Resilience is about managing and minimizing cyber risk. To minimize the potential devastation of a cyberattack, it s important to understand our technical vulnerabilities and human vulnerabilities. Research Data indicates that hackers are relying more and more on exploiting human vulnerabilities, and are ignoring technical vulnerabilities, which are harder to exploit. This presentation will explore best practices and strategies that can increase cyber resilience and decrease the frequency and magnitude of a loss events caused by the exploitation of these two types of vulnerabilities.

3 Why & How to Create A Cybersecurity Awareness Program Presenter: Leia Shilobod, CEO, InTech Solutions, Inc. Background: Even companies who have some kind of Cybersecurity Awareness Program often find them to be ineffective in steadily decreasing the number of cyber incidents in an organization. This program outlines the importance of having such a program, as well as an effective program design that gets results. Why You Need A Cybersecurity Awareness Program May be required for compliance o NIST /DFARS, NIST , HIPAA, PCI, etc. Empowered Users Keep the Network Secure o Empowerment through education o One click can pierce the most elegant and expensive solutions How to Effectively Implement and Improve Your Cybersecurity Awareness Program Program Design o Initial Group-Style Learning (seminar or webinar) o At Least Semiannual Group-Style Learning (seminar or webinar) o Regular Reminders ( is great) o Self-Paced Learning Options o Incident Response Drills Educate them on the Current Security Stack o What it is o What each product does o What it looks like Educate them on Written Company IT Policy (at minimum the below) o Acceptable Use o Incident Response o Information Security and/or Information Sensitivity Educate on how Hackers gain foothold in networks o Cyber Actor Strategies and WHY They Do It o Social Engineering phishing, spearhead phishing, USB drop, vishing, SMS phishing Use Ample Storytelling o Storytelling Makes a Longer Program, But Retention Is Much Higher Keep Top of Mind and Sharpen the Saw

4 o o Employees Forget Fast Too Many Things Taking Attention

5 Cyber Security We All Have a Role Presenter: Special Agent Michelle Pirtle, FBI/InfraGard Companies are compromised daily, and every company hopes they are not the next cyber incident headline. This general cyber security awareness presentation will highlight common cyber security threats in a non-technical manner. With general knowledge and understanding everyone within a company can play their role to help secure their company. Resources will be highlighted to help attendees to continue to further their knowledge while protecting their companies.

6 Intro to Reverse Engineering Synopsis: In this session we will solve some of the entry level reverse engineering challenges from the IUP/InfraGard CTF. We will leverage different tools and explain the strategies required for accomplishing the challenges. This will be an interactive session, as we solve challenges together. Bring your laptop. Prior to arrival, consider installing Microsoft s Windows Debugger and Vector35 s BinaryNinja! Capture the Flag Exercise: Will run the October 3-5, with the winner being announced at the Cyber Security Seminar. CTF Overview: ESCALATE CTF Powered by Point3 Security Inc. Escalate s gamified challenges provide hands on key board experience that solve indemand cyber security issues and complex threats. Escalate will have you pushing your capabilities to the limits and leveraging multiple skill sets including malware reverse engineering, network security monitoring, disk and memory forensics, vulnerability research, offensive and defensive operations and operational software development. N00b or l33t, bring your best and you will be rewarded handsomely. There will be prizes for the top 3 participants in the CTF. In case of a tie for 1st, 2nd, or 3rd, the ranking will be determined by the person taking the least amount of time to capture the flags. FOR THE NEW FOLKS 1. Come prepared there are many online resources available to read up on different tool sets and what they do some specific items to know about include the Kali Linux toolset and WireShark. It might not hurt to know what a debugger does and what the output looks like either. 2. Stick to the foundational and intro categories for simpler challenges. As you proceed down the list of a specific category, the challenges will increase in complexity and build upon skills you had to utilize in the previous challenges. Some of the more difficult challenges can take days to complete, so avoid those. 3. Just like in real life, you can use any resource available to you complete the challenge. Here are some websites that can help in your research efforts before and during challenges: - #1 - #2 - #3 THE GAME

7 This is an independent CTF where individuals will be competing against each other to rack up the most points. Once you capture the flag in a challenge, submit it right away, as each challenge is timed, and this will be used to determine tie breakers. Challenges are grouped by category and each challenge within a category has different point values based on complexity. ABOUT US: Founded in 2014, Point3 Security Inc. is a premier cyber security organization providing the cyber community with training and assessment tools to enhance their workforce. Recognizing the evolving industry and the need for an enhanced skillset from professionals, Point3 Security Inc. provides challenge/gamed-based material that identifies and cultivates cyber security talent amongst professional organizations.

8 Turtles, Trust and The Future of Cybersecurity Presenter: Jeff Fazek Senior Sales Engineer, Varonis Solutions Abstract Faith in our institutions is collapsing, and GDPR is at the door. What would cybersecurity look like if we started from scratch, right now, in our hybrid, interdependent world? It would focus relentlessly on data. Learn how a data-centric security approach can reduce risk, increase efficiency and re-engineer trust in a society where faith has been shaken by unstoppable breaches. Short Abstract Learn how the breakdown in cyber-confidence can only be repaired by recognizing the criticality of data protection in a hybrid, interdependent world - and by securing data first, not last. Objectives Learn about an approach to data protection that starts with data, not threats Discover how classification, analytics, labels, and remediation fit together Gain insights into applying data-centric security to new regulations like GDPR

9 Planning for Resilience: A Data-Centric Security Model Presenter: Sam Cattle - National Security Practice Director, Rolta AdvizeX Synopsis: For most of our organizations, attacks are focused on getting to our data: regulated data, privacy data, intellectual property, or ransoming off access to that same data. It s time that we focus our efforts on securing that data, in a resilient, layered approach. Sam Cattle, Director of the Rolta Advizex security practice, will present the Data-Centric Security Model to focus security efforts and investment on what matters most securing our data. This approach combines the five key security functions of the NIST CSF model (Identify, Protect, Detect, Respond, Recover) with a layered approach to securing Data, the Identities we use to access that data, the Network we travel on to perform those transactions, the Platforms at all ends of those transactions, and Governance as a wrapper around all of those controls. Using this model, Rolta Advizex promotes a message of resilience against the never-ending onslaught of attacks against our organizations, a layered approach that cannot be beaten at just a single level.