Cyber-security Research at Stony Brook
|
|
- Christian Gregory
- 8 years ago
- Views:
Transcription
1 Cyber-security Research at Stony Brook Radu Sion Network Security and Applied Cryptography Lab
2 USS Yorktown September, 1997: USS Yorktown is 100% dead in the water for 2.5 hours, then stalled in port for 2 days. Cause: Cruiser runs MS Windows on LAN-connected machines in its Smart Ship system. Result: blue screen of death 2
3 F22 Raptor mach 2.4+ (classified) February 11, 2007: 12 raptors flying from Hawaii to Japan are forced to turn back in panic mode: nav and comm systems are 100% down. Cause: software was not designed to cross international date line (180 meridian of longitude) 3
4 Cyber-security is hot! First and foremost: it is lots of fun! Security incidents continue to sky-rocket Incidents reported by US CERT have increased by a factor of 100 in the past decade Bad guys are becoming more sophisticated Progression from script kiddies to cybercrime, cyberactivism, and so on Thus Spam, cyber-extortion, phishing attacks all driven by this trend Current technologies and solutions aren t very effective Things are going to get worse before they get better 4
5 What is cyber-security? Businesses Banking and financial transactions Marketing, advertising, and corporate communication Federal and State Governments Classified data (DoD, DoE, ) Critical infrastructures telecom, transportation, power, law-enforcement, Consumers Theft of bank accounts, passwords, credit card #s, Loss of privacy snoop on web sites visited capture keystrokes, microphone or camera input 5
6 Overview Research spread over several laboratories Over 30 graduate students Research supported by NSF, ONR, AFOSR, Army Research, DARPA, NIST, Computer Associates, Motorola Labs, IBM Research, IBM Center for Cyber-security NSA-designated Center of Excellence in Information Assurance Education ( ) 6
7 Faculty Tzi-cker Chiueh Compiler transformations, attack recovery Rob Johnson Software security, program analysis, cryptography C.R. Ramakrishnan Formal methods, vulnerability analysis R. Sekar Program analysis/transformation, policy enforcement, attack detection/recovery Radu Sion Data and network security, applied/practical cryptography Scott Stoller Trust management, vulnerability analysis, program analysis Erez Zadok File system and storage security many others + collaboration with other faculty 7
8 Labs Applied Logic Laboratory Design and Analysis Research Laboratory Experimental Computer Systems Laboratory File-systems and Storage Laboratory Network Security and Applied Cryptography Lab Secure Systems Laboratory Security, Programming Languages and Theory Lab Trusted Hardware Lab (part of NSAC Lab) 8
9 Sample Projects (1) Software security Source-code analysis for vulnerability detection Program transformation for runtime detection and prevention of attacks on COTS software program anonymization Intrusion Detection Safe execution of mobile/untrusted code Safe vulnerability and penetration testing automated vulnerability analysis + signature/patch generation Applied Cryptography Digital E-Cash and Micro-payments in networks analysis of security in DVD/HD-DVD protocols authentication for digital imagery 9
10 Sample Projects (2) Security in Wireless Networks Privacy in Cellular Networks Sensor Network Security Storage Security Secure file systems Regulatory compliance Access control policies and trust management Secure Data Management data outsourcing database security High-confidence operating systems Trusted Hardware Laboratory 10
11 Areas Software security Compilers Operating systems Verification/assurance Hardware security Trustworthy hardware Data security Storage/file security Database security Rights Protection Network security Wireless/cellular security Applied Cryptography Distributed systems Trust management Vulnerability analysis Privacy preservation Security policies Frameworks Monitoring and compliance Intrusion detection 11
12 Impact and Funding Funding: $12M+ in federal research grants: NSF CAREER (5), ONR Young Investigator, IBM Faculty Award, DoD Critical Infrastructure Protection and IA Fellowship award (1 of 12 in US, 1 of 2 in NY), NSF ITR awards, $2.5M NSF award to support Scholarships for students specializing in IA (only new award in 2004), 8+ NSF Cyber Trust awards in 2006/2007 Publications: 30+ papers/year in highly competitive forums: IEEE Security and Privacy, USENIX Security, NDSS, CCS, DSN, ACSAC (best paper), OSDI, FC, CSFW, ICDCS, USENIX Technical, FAST, RAID, DSN, TKDE, VLDB, ICDE, PLDI, FSE, TOPLAS, SOSP 12
13 Why work in cyber-security? Plenty of problems to be solved The one area where companies are investing significantly Shortage of qualified personnel Especially in federal government Hard to outsource security jobs Robust growth expected in the sector for foreseeable future And don t forget: it s lots of fun! 13
14 Further contact info Center for Cyber Security homepage Faculty personal home pages Laboratory home pages Information Assurance Scholarships 14
15 echo lunchtime > /dev/null rock on! 15
Science or Security. George O. Strawn NSF & NITRD (retired)
Science or Security George O. Strawn NSF & NITRD (retired) Caveat auditor The opinions expressed in this talk are those of the speaker, not the U.S. government Outline Anecdotes about IT security Observations
More informationCertified Cyber Security Analyst VS-1160
VS-1160 Certified Cyber Security Analyst Certification Code VS-1160 Vskills certification for Cyber Security Analyst assesses the candidate as per the company s need for cyber security and forensics. The
More informationNEES@Buffalo Cybersecurity Plan. Introduction. Roles and Responsibilities. Laboratory Executive Commitee (ExCom)
NEES@Buffalo Cybersecurity Plan Introduction The NEES Cyberinfrastructure (CI) system is composed of fourteen equipment sites and one central IT facility, henceforth referred to as NEEScomm IT. With IT
More informationCyber Security at NSU
Cyber Security at NSU Aurelia T. Williams, Ph.D. Chair, Department of Computer Science Associate Professor of Computer Science June 9, 2015 Background Undergraduate computer science degree program began
More informationNSA/DHS Centers of Academic Excellence for Information Assurance/Cyber Defense
NSA/DHS Centers of Academic Excellence for Information Assurance/Cyber Defense Cyber Investigations Data Management Systems Security Data Security Analysis Digital Forensics Health Care Security Industrial
More informationEncyclopedia of Information Assurance Suggested Titles: March 25, 2013 The following titles have not been contracted.
Encyclopedia of Information Assurance Suggested Titles: March 25, 2013 The following titles have not been contracted. Administrative Awareness Case Study: Government Offices Certification and Accreditation:
More information10- Assume you open your credit card bill and see several large unauthorized charges unfortunately you may have been the victim of (identity theft)
1- A (firewall) is a computer program that permits a user on the internal network to access the internet but severely restricts transmissions from the outside 2- A (system failure) is the prolonged malfunction
More informationInterdisciplinary Program in Information Security and Assurance. By Kossi Edoh NC A&T State University Greensboro
Interdisciplinary Program in Information Security and Assurance By Kossi Edoh NC A&T State University Greensboro Information Assurance The protection of electronic information and infrastructures that
More informationCyber- Attacks: The New Frontier for Fraudsters. Daniel Wanjohi, Technology Security Specialist
Cyber- Attacks: The New Frontier for Fraudsters Daniel Wanjohi, Technology Security Specialist What is it All about The Cyber Security Agenda ; Protecting computers, networks, programs and data from unintended
More informationProtecting critical infrastructure from Cyber-attack
Protecting critical infrastructure from Cyber-attack ACI-NA BIT Workshop, Session 6 (Cybersecurity) Long Beach, California October 4, 2015 Ben Trethowan Aviation Systems & Security Architect The scale
More informationAn Overview of Information Security Frameworks. Presented to TIF September 25, 2013
An Overview of Information Security Frameworks Presented to TIF September 25, 2013 What is a framework? A framework helps define an approach to implementing, maintaining, monitoring, and improving information
More informationCyber Security Research and Education Institute (CSI) The University of Texas at Dallas http://csi.utdallas.edu
Cyber Security Research and Education Institute (CSI) The University of Texas at Dallas http://csi.utdallas.edu January 2014 1/29/2014 1 Our History NSA/DHS Center for Excellence in Cyber Security Education
More informationParticipants: Introduction:
National Conversation A Trusted Cyber Future Discussion Led by Dan Massey, CSD Program Manager Moderator: Joe Gersch (Secure 64) Department of Homeland Security Science and Technology Directorate (DHS
More informationTUSKEGEE CYBER SECURITY PATH FORWARD
TUSKEGEE CYBER SECURITY PATH FORWARD Preface Tuskegee University is very aware of the ever-escalating cybersecurity threat, which consumes continually more of our societies resources to counter these threats,
More informationTHE WORLD IS MOVING FAST, SECURITY FASTER.
THE WORLD IS MOVING FAST, SECURITY FASTER. * COMMITTED TO SECURITY* *Committed to providing peace of mind in your digital life and business. [ 3 ] OUR MISSION TO PREVENT AND MANAGE RISKS FACED BY ORGANIZATIONS
More informationMicrosoft s cybersecurity commitment
Microsoft s cybersecurity commitment Published January 2015 At Microsoft, we take the security and privacy of our customers data seriously. This focus has been core to our culture for more than a decade
More informationTRUST Background. National Science Foundation Office of Integrative Activities (OIA) Core Funding (FY2005-2015)
TRUST TRUST: : Team for Research in Ubiquitous Secure Technology A Collaborative Approach to Advancing Cyber Security Research and Development Larry Rohrbough Executive Director, TRUST University of California,
More informationMaster of Science in Information Systems & Security Management. Courses Descriptions
Master of Science in Information Systems & Security Management Security Related Courses Courses Descriptions ISSM 530. Information Security. 1 st Semester. Lect. 3, 3 credits. This is an introductory course
More informationfuture data and infrastructure
White Paper Smart Grid Security: Preparing for the Standards-Based Future without Neglecting the Needs of Today Are you prepared for future data and infrastructure security challenges? Steve Chasko Principal
More informationFacilitated Self-Evaluation v1.0
Electricity Subsector Cybersecurity Capability Maturity Model (ES-C2M2) Patricia Hoffman Facilitated Self-Evaluation v1.0 Assistant Secretary Office of Electricity Delivery and Energy Reliability U.S.
More informationSDN Security Challenges. Anita Nikolich National Science Foundation Program Director, Advanced Cyberinfrastructure July 2015
SDN Security Challenges Anita Nikolich National Science Foundation Program Director, Advanced Cyberinfrastructure July 2015 Cybersecurity Enhancement Act 2014 Public-Private Collaboration on Security (NIST
More informationWasting Money on the Tools? Automating the Most Critical Security Controls. Mason Brown Director, The SANS Institute
Wasting Money on the Tools? Automating the Most Critical Security Controls Bonus: Gaining Support From Top Managers for Security Investments Mason Brown Director, The SANS Institute The Most Trusted Name
More informationInformation Assurance Program at West Point
Information Assurance Program at West Point Daniel-Ragsdale@usma.edu John.Hill@usma usma.edu Scott.Lathrop@usma usma.edu Gregory.Conti@usma usma.edu USMA Information Assurance Program Institutional Support
More informationComputer Crime & Security Survey
3 rd Japan & US Computer Crime & Security Survey Katsuya Uchida Associate Professor Institute of Information Security uchidak@gol.com Graduate School of Information Security Intentionally blank Respondents
More informationDefending Against Data Beaches: Internal Controls for Cybersecurity
Defending Against Data Beaches: Internal Controls for Cybersecurity Presented by: Michael Walter, Managing Director and Chris Manning, Associate Director Protiviti Atlanta Office Agenda Defining Cybersecurity
More informationNuclear Security Requires Cyber Security
Nuclear Security Requires Cyber Security A. DAVID MCKINNON, PH.D., MARY SUE HOXIE Cyber Physical Security Team, National Security Directorate Project on Nuclear Issues (PONI) Fall 2015 Conference PNNL-SA-113027
More informationLooking at the SANS 20 Critical Security Controls
Looking at the SANS 20 Critical Security Controls Mapping the SANS 20 to NIST 800-53 to ISO 27002 by Brad C. Johnson The SANS 20 Overview SANS has created the 20 Critical Security Controls as a way of
More informationSolving the CIO s Cybersecurity Dilemma: 20 Critical Controls for Effective Cyber Defense
Solving the CIO s Cybersecurity Dilemma: 20 Critical Controls for Effective Cyber Defense John M. Gilligan Information systems Security Association National Capital Chapter January 19, 2010 1 Topics Background
More informationSession 3: IT Infrastructure Security Track ThreatExchange Winning through collaboration. Tomas Sander HP Labs
Session 3: IT Infrastructure Security Track ThreatExchange Winning through collaboration Tomas Sander HP Labs Forward Looking Statements Rolling roadmap up to three years and is subject to change without
More informationResearch Topics in the National Cyber Security Research Agenda
Research Topics in the National Cyber Security Research Agenda Trust and Security for our Digital Life About this document: This document summarizes the research topics as identified in the National Cyber
More informationUS Federal Cyber Security Research Program November 15, 2012 New England Advanced Cyber Security Center Workshop Bill Newhouse (NIST)
US Federal Cyber Security Research Program November 15, 2012 New England Advanced Cyber Security Center Workshop Bill Newhouse (NIST) william.newhouse@nist.gov NITRD Structure for US Federal Cybersecurity
More informationBellevue University Cybersecurity Programs & Courses
Undergraduate Course List Core Courses: CYBR 250 Introduction to Cyber Threats, Technologies and Security CIS 311 Network Security CIS 312 Securing Access Control CIS 411 Assessments and Audits CYBR 320
More informationCloud Resilient Architecture (CRA) -Design and Analysis. Hamid Alipour Salim Hariri Youssif-Al-Nashif
Cloud Resilient Architecture (CRA) -Design and Analysis Glynis Dsouza Hamid Alipour Salim Hariri Youssif-Al-Nashif NSF Center for Autonomic Computing University of Arizona Mohamed Eltoweissy Pacific National
More informationFORBIDDEN - Ethical Hacking Workshop Duration
Workshop Course Module FORBIDDEN - Ethical Hacking Workshop Duration Lecture and Demonstration : 15 Hours Security Challenge : 01 Hours Introduction Security can't be guaranteed. As Clint Eastwood once
More informationUNM Information Assurance Scholarship for Service (SFS) Program
UNM Information Assurance Scholarship for Service (SFS) Program What is Information Assurance? Committee on National Security Systems (CNSS) defines information assurance (IA): Measures that protect and
More informationThe Next Generation of Security Leaders
The Next Generation of Security Leaders In an increasingly complex cyber world, there is a growing need for information security leaders who possess the breadth and depth of expertise necessary to establish
More informationCyber Security Education: My Personal Thoughts. Bharat Doshi bharat.doshi@jhuapl.edu
Cyber Security Education: My Personal Thoughts Bharat Doshi bharat.doshi@jhuapl.edu Topics Personal Background Other situations: Similarities and Differences Cyber Vulnerabilities Student Types and Education/Training
More informationBig Data in Action: Behind the Scenes at Symantec with the World s Largest Threat Intelligence Data
Big Data in Action: Behind the Scenes at Symantec with the World s Largest Threat Intelligence Data Patrick Gardner VP Engineering Sourabh Satish Distinguished Engineer Symantec Vision 2014 - Big Data
More information6. AUDIT CHECKLIST FOR NETWORK ADMINISTRATION AND SECURITY AUDITING
6. AUDIT CHECKLIST FOR NETWORK ADMINISTRATION AND SECURITY AUDITING The following is a general checklist for the audit of Network Administration and Security. Sl.no Checklist Process 1. Is there an Information
More informationCybersecurity Risks, Regulation, Remorse, and Ruin
Financial Planning Association of Michigan 2014 Fall Symposium Cybersecurity Risks, Regulation, Remorse, and Ruin Shane B. Hansen shansen@wnj.com (616) 752-2145 October 23, 2014 Copyright 2014 Warner Norcross
More informationComputer Concepts And Applications CIS-107-TE. TECEP Test Description
Computer Concepts And Applications CIS-107-TE This TECEP tests content covered in a one-semester course in computer concepts and applications. It focuses on an overview of computers, including historical
More informationTASK -040. TDSP Web Portal Project Cyber Security Standards Best Practices
Page 1 of 10 TSK- 040 Determine what PCI, NERC CIP cyber security standards are, which are applicable, and what requirements are around them. Find out what TRE thinks about the NERC CIP cyber security
More informationReport on CAP Cybersecurity November 5, 2015
Agenda Number 7. Report on CAP Cybersecurity November 5, 2015 Phil Cook CISSP, CISM Manager, Information Technologies Risk #1 External Attacks PR 81 Protect and secure CAP's Information Technology assets
More informationActions and Recommendations (A/R) Summary
Actions and Recommendations (A/R) Summary Priority I: A National Cyberspace Security Response System A/R 1-1: DHS will create a single point-ofcontact for the federal government s interaction with industry
More informationRequirements of Secure Storage Systems for Healthcare Records
Requirements of Secure Storage Systems for Healthcare Records Ragib Hasan 1, Marianne Winslett 1, and Radu Sion 2 1 University of Illinois at Urbana-Champaign Urbana, IL 61801, USA (rhasan, winslett)@cs.uiuc.edu
More informationDON T BE A VICTIM! IS YOUR INVESTMENT PROGRAM PROTECTED FROM CYBERSECURITY THREATS?
HEALTH WEALTH CAREER DON T BE A VICTIM! IS YOUR INVESTMENT PROGRAM PROTECTED FROM CYBERSECURITY THREATS? Gregg Sommer, CAIA Head of Operational Risk Assessments St. Louis MERCER 2015 0 CYBERSECURITY BREACHES
More informationAirports and their SCADA Systems. Dr Leigh Armistead, CISSP. Peregrine Technical Solutions
Airports and their SCADA Systems Dr Leigh Armistead, CISSP Peregrine Technical Solutions What We May Face For an attack to be successful it only has to cause disruption not loss of life to a significant
More informationCONTROLLING DATA IN THE CLOUD: OUTSOURCING COMPUTATION WITHOUT OUTSOURCING CONTROL
CONTROLLING DATA IN THE CLOUD: OUTSOURCING COMPUTATION WITHOUT OUTSOURCING CONTROL Paper By: Chow, R; Golle, P; Jakobsson, M; Shai, E; Staddon, J From PARC & Masuoka, R And Mollina From Fujitsu Laboratories
More informationSECURING YOUR SMALL BUSINESS. Principles of information security and risk management
SECURING YOUR SMALL BUSINESS Principles of information security and risk management The challenge Information is one of the most valuable assets of any organization public or private, large or small and
More informationCritical Controls for Cyber Security. www.infogistic.com
Critical Controls for Cyber Security www.infogistic.com Understanding Risk Asset Threat Vulnerability Managing Risks Systematic Approach for Managing Risks Identify, characterize threats Assess the vulnerability
More informationOdyssey Access Client FIPS Edition
Odyssey Access Client FIPS Edition Data Sheet Published Date July 2015 Product Overview The need today is greater than ever to ensure that systems are securely configured. Government agencies and secure
More informationCyber security trends & strategy for business (digital?)
Cyber security trends & strategy for business (digital?) Presentation by Anwer Yusoff Head, Industry & Business Development C y b e r S e c u r i t y M a l a y s i a NATIONAL CYBERSECURITY TECHNICAL SPECIALIST
More informationCybersecurity Definitions and Academic Landscape
Cybersecurity Definitions and Academic Landscape Balkrishnan Dasarathy, PhD Program Director, Information Assurance Graduate School University of Maryland University College (UMUC) Email: Balakrishnan.Dasarathy@umuc.edu
More informationPlan of Attack 5 Step Plan
Plan of Attack 5 Step Plan Naming those Digital Assets Practicing Digital Doomsday Training + Policies and Procedures Technology Tuning Security in the Supply Chain Next Steps Sample Plan 0 to 30 Days
More informationProject 25 Security Services Overview
Project 25 Security Services Overview Bill Janky Director, System Design Harris Corporation 1 Agenda Overview of P25 Security Services What s new; What s coming Other topics 2 If you re in Public Safety...
More informationHow To Build A Cybersecurity Company
A Service Disabled Veteran Owned Small Business Maryland 2014 The Cybersecurity Industry Window of Opportunity John M. Leitch President & CEO Winquest Engineering Corporation V1.3 1 Agenda Industry Windows
More informationABB Automation Days, Madrid, May 25 th and 26 th, Patrik Boo What do you need to know about cyber security?
ABB Automation Days, Madrid, May 25 th and 26 th, Patrik Boo What do you need to know about cyber security? Agenda Threats Risk Assessment Implementation Validation Advanced Security Implementation Strategy
More informationFostering Incident Response and Digital Forensics Research
Fostering Incident Response and Digital Forensics Research Bruce J. Nikkel bruce.nikkel@ubs.com September 8, 2014 Abstract This article highlights different incident response topics with a focus on digital
More informationIIABSC 2015 - Spring Conference
IIABSC 2015 - Spring Conference Cyber Security With enough time, anyone can be hacked. There is no solution that will completely protect you from hackers. March 11, 2015 Chris Joye, Security + 1 2 Cyber
More informationIntroduction to Information Security Management
Introduction to Information Security Management CIS 8080 Security and Privacy of Information and Information Systems Richard Baskerville Georgia State University 1 Principles Information Security Management
More informationPrinciple of Information Security. Asst. Prof. Kemathat Vibhatavanij Ph.D.
Principle of Information Security Asst. Prof. Kemathat Vibhatavanij Ph.D. Security Challenges Evolution of technology focused on ease of use Compliance to government laws and regulations Direct impact
More informationCyber R &D Research Roundtable
Cyber R &D Research Roundtable 2 May 2013 N A T I O N A L S E C U R I T Y E N E R G Y & E N V I R O N M E N T H E A L T H C Y B E R S E C U R I T Y Changing Environment Rapidly Evolving Threat Changes
More informationCybersecurity and internal audit. August 15, 2014
Cybersecurity and internal audit August 15, 2014 arket insights: what we are seeing so far? 60% of organizations see increased risk from using social networking, cloud computing and personal mobile devices
More informationNIST Cybersecurity Framework Manufacturing Implementation
NIST Cybersecurity Framework Manufacturing Implementation Keith Stouffer Project Leader, Cybersecurity for Smart Manufacturing Systems Engineering Lab, NIST Manufacturing Cybersecurity Research at NIST
More informationAs global mobile internet penetration increases the cybercrime and cyberterrorism vector is extended
As global mobile internet penetration increases the cybercrime and cyberterrorism vector is extended Global Cybercrime has an estimated cost of US$ 110 Billion per year Every second, 18 adults become a
More informationApplication White Listing and Privilege Management: Picking Up Where Antivirus Leaves Off
Application White Listing and Privilege Management: Picking Up Where Antivirus Leaves Off Times have Changed & A/V Executives Agree An A/V product as your sole endpoint protection solution isn t enough.
More informationHow To Research Security And Privacy Using Data Science
Research Topics in Security and Privacy using Data Science School of Informatics University of Edinburgh David Aspinall David.Aspinall@ed.ac.uk http://secpriv.inf.ed.ac.uk/ http://cybersec.ed.ac.uk/ Outline
More informationStephen E. McLaughlin
Education Stephen E. McLaughlin Computer Science and Engineering Pennsylvania State University Office : 344 IST Building University Park, PA 16802 (814) 867-1773 email: smclaugh@cse.psu.edu The Pennsylvania
More informationPRISMACLOUD. Privacy and Security Maintaining Services in the Cloud Thomas Loruenser AIT Austrian Institute of Technology GmbH
PRISMACLOUD Privacy and Security Maintaining Services in the Cloud Thomas Loruenser AIT Austrian Institute of Technology GmbH FOC2015 Vienna / 17.06.2015 Challenges for Future ICT Systems Cloud computing
More informationDON T BE A VICTIM! IS YOUR ORGANIZATION PROTECTED FROM CYBERSECURITY THREATS?
HEALTH WEALTH CAREER DON T BE A VICTIM! IS YOUR ORGANIZATION PROTECTED FROM CYBERSECURITY THREATS? FREEMAN WOOD HEAD OF MERCER SENTINEL NORTH AMERICA GREGG SOMMER HEAD OF OPERATIONAL RISK ASSESSMENTS MERCER
More informationEl costo oculto de las aplicaciones Vulnerables. Faustino Sanchez. WW Security Sales Enablement. IBM Canada
El costo oculto de las aplicaciones Vulnerables. Faustino Sanchez. WW Security Sales Enablement. IBM Canada The Traditional Approach is Changing. Security is no longer controlled and enforced through the
More informationJort Kollerie SonicWALL
Jort Kollerie Cloud 85% of businesses said their organizations will use cloud tools moderately to extensively in the next 3 years. 68% of spend in private cloud solutions. - Bain and Dell 3 Confidential
More informationMeeting Cyber Security Challenges
Meeting Cyber Security Challenges Presented to Naval Postgraduate School Cyber Summit 29 October 2009 Cynthia Irvine, PhD, Professor Naval Postgraduate School UNCLASSIFIED Overview Challenges in Cyber
More informationLoophole+ with Ethical Hacking and Penetration Testing
Loophole+ with Ethical Hacking and Penetration Testing Duration Lecture and Demonstration: 15 Hours Security Challenge: 01 Hours Introduction Security can't be guaranteed. As Clint Eastwood once said,
More informationRLI PROFESSIONAL SERVICES GROUP PROFESSIONAL LEARNING EVENT PSGLE 123. Cybersecurity: A Growing Concern for Small Businesses
RLI PROFESSIONAL SERVICES GROUP PROFESSIONAL LEARNING EVENT PSGLE 123 Cybersecurity: A Growing Concern for Small Businesses Copyright Materials This presentation is protected by US and International Copyright
More informationSeminar: Security Metrics in Cloud Computing (20-00-0577-se)
Technische Universität Darmstadt Dependable, Embedded Systems and Software Group (DEEDS) Hochschulstr. 10 64289 Darmstadt Seminar: Security Metrics in Cloud Computing (20-00-0577-se) Topics Descriptions
More informationCapacity Building in Cyber Security Literacy: An Inter-disciplinary Approach
Capacity Building in Cyber Security Literacy: An Inter-disciplinary Approach This material is based upon work supported by the National Science Foundation under Grant No. 1516724 Project Organization University
More informationDiscussion Draft of the Preliminary Cybersecurity Framework Illustrative Examples
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 Discussion Draft of the Preliminary Cybersecurity Framework Illustrative Examples The
More informationENISA What s On? ENISA as facilitator for enhanced Network and Information Security in Europe. CENTR General Assembly, Brussels October 4, 2012
ENISA What s On? ENISA as facilitator for enhanced Network and Information Security in Europe CENTR General Assembly, Brussels October 4, 2012 christoffer.karsberg@enisa.europa.eu 1 Who we are ENISA was
More informationPrivacy and Security in Healthcare
5 th 5 th th National HIPAA Summit National Strategy to Secure Cyberspace Privacy and Security in Healthcare October 31, 2002 Andy Purdy Senior Advisor, IT Security and Privacy The President s Critical
More informationNine Steps to Smart Security for Small Businesses
Nine Steps to Smart Security for Small Businesses by David Lacey Co-Founder, Jericho Forum Courtesy of TABLE OF CONTENTS INTRODUCTION... 1 WHY SHOULD I BOTHER?... 1 AREN T FIREWALLS AND ANTI-VIRUS ENOUGH?...
More informationThe University of Alabama Cyber Research Initiatives. Cyber Forensics Research Cyber Security Research
The University of Alabama Cyber Research Initiatives Cyber Forensics Research Cyber Security Research Cyber Forensics Research Department of Criminal Justice College of Arts and Sciences Cyber Crime Research
More informationA Security Risk Assessment Process for Utilities and Building Automation Systems. Daniel Adinolfi & Joe Homza Cornell University IT Security Office
A Security Risk Assessment Process for Utilities and Building Automation Systems Daniel Adinolfi & Joe Homza Cornell University IT Security Office The Scope: Cornell and Our Facilities Networks The History:
More informationUS Federal Cyber Security Research Program. NITRD Program
US Federal Cyber Security Research Program NITRD Program Purpose The primary mechanism by which the U.S. Government coordinates its unclassified Networking and IT R&D (NITRD) investments Supports NIT-related
More informationStudent Tech Security Training. ITS Security Office
Student Tech Security Training ITS Security Office ITS Security Office Total Security is an illusion security will always be slightly broken. Find strategies for living with it. Monitor our Network with
More informationStrategic Plan On-Demand Services April 2, 2015
Strategic Plan On-Demand Services April 2, 2015 1 GDCS eliminates the fears and delays that accompany trying to run an organization in an unsecured environment, and ensures that our customers focus on
More informationFRAMEWORK for NATIONAL NETWORK & CYBER SECURITY
FRAMEWORK for NATIONAL NETWORK & CYBER SECURITY 23 September 2009 1 06-02-200906.02.2009 Ram Narain Email: ramnarain@hotmail.com 7 Tier Approach to Network & Cyber Security 5 levels of Security Tier 1
More informationA Systems Engineering Approach to Developing Cyber Security Professionals
A Systems Engineering Approach to Developing Cyber Security Professionals D r. J e r r y H i l l Approved for Public Release; Distribution Unlimited. 13-3793 2013 The MITRE Corporation. All rights reserved.
More informationHow are we keeping Hackers away from our UCD networks and computer systems?
How are we keeping Hackers away from our UCD networks and computer systems? Cybercrime Sony's Hacking Scandal Could Cost The Company $100 Million - http://www.businessinsider.com/sonys-hacking-scandal-could-cost-the-company-100-million-2014-12
More informationNow and Tomorrow. IEEE/AICCSA Conference November 2014 Malike Bouaoud Cyber Security Advisor
Now and Tomorrow IEEE/AICCSA Conference November 2014 Malike Bouaoud Cyber Security Advisor Hacktivism Regulatory/Compliance (local and international) Sophisticated Malware Data leakage Cybercriminal syndicates
More informationCESG Certification of Cyber Security Training Courses
CESG Certification of Cyber Security Training Courses Supporting Assessment Criteria for the CESG Certified Training (CCT) Scheme Portions of this work are copyright The Institute of Information Security
More informationCyber Security for SCADA/ICS Networks
Cyber Security for SCADA/ICS Networks GANESH NARAYANAN HEAD-CONSULTING CYBER SECURITY SERVICES www.thalesgroup.com Increasing Cyber Attacks on SCADA / ICS Systems 2 What is SCADA Supervisory Control And
More informationIEEE-Northwest Energy Systems Symposium (NWESS)
IEEE-Northwest Energy Systems Symposium (NWESS) Paul Skare Energy & Environment Directorate Cybersecurity Program Manager Philip Craig Jr National Security Directorate Sr. Cyber Research Engineer The Pacific
More informationLessons from Defending Cyberspace
Lessons from Defending Cyberspace The Challenge of Addressing National Cyber Risk Andy Purdy Workshop on Cyber Security Center for American Studies, Christopher Newport College 10 28-2009 Cyber Threat
More informationINFORMATION SECURITY FOR YOUR AGENCY
INFORMATION SECURITY FOR YOUR AGENCY Presenter: Chad Knutson Secure Banking Solutions, LLC CONTACT INFORMATION Dr. Kevin Streff Professor at Dakota State University Director - National Center for the Protection
More informationInformation Technology General Controls Review (ITGC) Audit Program Prepared by:
Information Technology General Controls Review (ITGC) Audit Program Date Prepared: 2012 Internal Audit Work Plan Objective: IT General Controls (ITGC) address the overall operation and activities of the
More informationCapabilities for Cybersecurity Resilience
Capabilities for Cybersecurity Resilience In the Homeland Security Enterprise May 2012 DHS Cybersecurity Strategy A cyberspace that: Is Secure and Resilient Enables Innovation Protects Public Advances
More informationWorkshop Designed & Powered by TCIL IT, Chandigarh
Two Days Interactive workshop on Cyber Security and Ethical Hacking Total (16 HOURS) Workshop Designed & Powered by TCIL IT, Chandigarh Speaker:- Mr Rahul Tyagi - ETHICAL HACKER Workshop Contents Cyber
More informationNetwork Security: Introduction
Network Security: Introduction 1. Network security models 2. Vulnerabilities, threats and attacks 3. Basic types of attacks 4. Managing network security 1. Network security models Security Security has
More informationThe Information Security Problem
Chapter 10 Objectives Describe the major concepts and terminology of EC security. Understand phishing and its relationship to financial crimes. Describe the information assurance security principles. Identify
More information