IT Security Community

Size: px
Start display at page:

Download "IT Security Community"

Transcription

1 IT Security Community Who are we? The CompTIA IT Security is a group focused on the changing security issues of today. Who should join? Anyone looking to stay current with the ever- changing security landscape. Join at Security Take ac8on Try the IT Security Assessment Wizard Copyright (c) 2014 CompTIA Proper8es, LLC. All Rights Reserved. CompTIA.org 1

2 Evolution of Cyber Crime From Scareware and Ransomware to Destructionware

3 Introduction Ian Trump, CD, CPM, BA is Security Lead at MAXfocus working across all lines of business to define, create and execute security solutions and promote a safe, secure Internet for Small & Medium Business world wide to 1992 Canadian Forces (CF), Military Intelligence Branch to 2013, CF Military Police (Reserves), retired as a Public Affairs Officer in to 2010, Royal Canadian Mounted Police, Criminal Intelligence Analyst Founding Partner and CTO Octopi Managed Services Inc. (OMS). Cyber security work for national, international organizations and Government of Canada.

4 Hey Mom, Look at Me! The nice thing about being detained in Canada is it's like being in a Days Inn; it's very clean and very nice. Bill Ayers

5 I Would Like to Thank the Academy Theft Not just the business intellectual property, but any account information that can lead a cybercriminal to greater riches. Fraud Using impersonation and man-in-the-middle techniques, cybercriminals seek to conduct banking, point-of-sale, payroll and online ordering fraud.

6 I Would Like to Thank the Academy Extortion Holding important data ransom, a great example is CryptoLocker malware or threating the business online services with DDOS attacks unless payment is made. Vandalism Perhaps the cybercriminals have been paid by a rival, or need to try out new advanced malware? Maybe a hactivist community is angered by your companies polices or actions?

7 But Wait, There s More CEM Child Exploitation Material, produced, facilitated and distributed using digital means. Counterfeiting From documents to fake goods a great deal of this type of crime has moved into the digital realm.

8 But Wait, There s More Recruiting For criminal, terrorists and human-trafficking activities, victims are contacted predominantly via social media. Crime as a Service The brokering and facilitating of various criminal services from exploits to the recruitment of money mules is facilitated by administrators of large underground criminal marketplaces.

9 My Other Computer is Your Computer

10 Our Nominees for Best Cyber Criminals Are: Awards for Best Criminal, Best Foreign Nation State, Best Criminal Outsource Provider and Best Terrorist. Does any of this really matter?

11 The Breaches

12 Our Nominees for Best Cyber Criminals Are: Who did it? Who cares who did it? How was it done? Who cares how it was done?

13 #Speculation https:// 2014/12/a-breakdown-and- analysis-of-the-december sony-hack/ sony_aka_sownage.html The Beginning (November 24) Second Round of Leaks (December 3) The Analysis Game (December 4) The Next Chapter (December 5) The Analysis Continues (December 7) 15 Days Under Siege (December 8)

14 #Speculation https:// 2014/12/a-breakdown-and- analysis-of-the-december sony-hack/ sony_aka_sownage.html Ex-Sony Employees, Russia, NK, Anonymous, and Sanctions (January 5th) Insurance Claims, Money and Pranks (January 6th) Attribution, Someone Is Wrong, and Lulz! (January 12th) Catching Up and Closing Out! (February 22nd)

15 #Solastyear Krebs on Security: The apparent credit and debit card breach uncovered at Home Depot was aided in part by a new variant of the malicious software program that stole card account data from cash registers at Target last December. Analysis revealed at least some of Home Depot s store registers had been infected with a new variant of BlackPOS (a.k.a. Kaptoxa ), a malware strain designed to siphon data from cards when they are swiped at infected point-of-sale systems running Microsoft Windows (XP).

16 It s Raining Cyber!

17 The Sploits

18 Absolute Sownage Patch comes out, see what it fixes. Reverse engineer patch to break what it fixes. Build exploit package. Sell to cybercrime botnet underground. Botnet spear-phishes, phishes or conducts automated attacks.

19 But, That s Like a Lot of Work Analysis of the Carbanak Report ($300M to $1Bn Loss targeting the Banking Industry) indicates a Basic Security Bundle of our products could have prevented this cyber attack. "All observed cases used spear phishing s with Microsoft Word (.doc) files attached or CPL files. The doc files exploit both Microsoft Office (CVE and CVE ) and Microsoft Word (CVE ). Patched and updated machines would have not been affected by this spear phishing attack.

20 But, That s Like a Lot of Work The age of the Trojan malware used it is very likely that Antivirus would have intercepted the malware. "There is evidence indicating that in most cases the network was compromised for between two to four months. This indicates that worst case scenario is the banks in question had six months to deploy the appropriate patches but failed to do so.

21 The Challenge

22 Clean Out Your App Closet Less Applications = Less Vulnerability Patch & Update Your OS Patch & Update Your Third-Party Apps Remove Administrator Privileges Application Whitelists Figure Out Your Software and Hardware Firewalls

23 Clean Out Your App Closet Security Awareness Training SANS 20 NIST Australian DSD 35 Buy More of Everything!

24 205 Days Ago You Were Really Mean to Me. FireEye's Mandiant Division M-Trends 2015 In 2014, 205 days to discover breach, down from 229 days in 2013 and 243 days in In 2014, only 31% of breaches were selfdetected by enterprises, down from 33% in 2013.

25 Firewall All The Things!

26 LOL, Cats

27 Thank You In 2001, armed with a Palm Pilot, I agended Defcon 9. I lost my Palm Pilot. Defcon combined curiosity, informajon security and a paranoid understanding of how vulnerable, fragile and uljmately challenging this new connected environment was going to become. Ian Trump, 2014

Cybersecurity Awareness. Part 1

Cybersecurity Awareness. Part 1 Part 1 Objectives Discuss the Evolution of Data Security Define and Discuss Cybersecurity Review Threat Environment Part 1 Discuss Information Security Programs s Enhancements for Cybersecurity Risks Threat

More information

WHAT YOU NEED TO KNOW ABOUT CYBER SECURITY

WHAT YOU NEED TO KNOW ABOUT CYBER SECURITY SMALL BUSINESSES WHAT YOU NEED TO KNOW ABOUT CYBER SECURITY ONE CLICK CAN CHANGE EVERYTHING SMALL BUSINESSES My reputation was ruined by malicious emails ONE CLICK CAN CHANGE EVERYTHING Cybercrime comes

More information

Building The Human Firewall. Andy Sawyer, CISM, C CISO Director of Security Locke Lord

Building The Human Firewall. Andy Sawyer, CISM, C CISO Director of Security Locke Lord Building The Human Firewall Andy Sawyer, CISM, C CISO Director of Security Locke Lord Confidentiality, Integrity, Availability Benchmarks of Cybersecurity: Confidentiality Information is protected against

More information

Security Challenges and Solutions for Higher Education. May 2011

Security Challenges and Solutions for Higher Education. May 2011 Security Challenges and Solutions for Higher Education May 2011 Discussion Topics Security Threats and Challenges Education Risks and Trends ACH and Wire Fraud Malware and Phishing Techniques Prevention

More information

Presented By: Corporate Security Information Security Treasury Management

Presented By: Corporate Security Information Security Treasury Management Presented By: Corporate Security Information Security Treasury Management Is Your Business Prepared for a Cyber Incident? It s not a matter of if, it s a matter of when Cyber Attacks are on the Rise; Physical

More information

CYBERSECURITY FRAUD LOSS ISSUES & HOW TO ADDRESS RISKS IN TODAY'S INSURANCE MARKETPLACE 12/16/2015. December 17, 2015

CYBERSECURITY FRAUD LOSS ISSUES & HOW TO ADDRESS RISKS IN TODAY'S INSURANCE MARKETPLACE 12/16/2015. December 17, 2015 12/16/2015 CYBERSECURITY FRAUD LOSS ISSUES & HOW TO ADDRESS RISKS IN TODAY'S INSURANCE MARKETPLACE December 17, 2015 Angela R. Morelock, CPA, CFE, CFF, ABV Partner, BKD, LLP amorelock@bkd.com Jeff Eiserman

More information

Practical Steps To Securing Process Control Networks

Practical Steps To Securing Process Control Networks Practical Steps To Securing Process Control Networks Villanova University Seminar Rich Mahler Director, Commercial Cyber Solutions Lockheed Martin Lockheed Martin Corporation 2014. All Rights Reserved.

More information

Trust the Innovator to Simplify Cloud Security

Trust the Innovator to Simplify Cloud Security Trust the Innovator to Simplify Cloud Security Contents MailGuard Pty Ltd Page 1 of 7 2 Let s get real for a moment. Your antivirus software isn t stopping fastbreak phishing and other spam attacks like

More information

Top Fraud Trends Facing Financial Institutions

Top Fraud Trends Facing Financial Institutions Top Fraud Trends Facing Financial Institutions Presented on: October 7, 2015, 2-3 ET Presented by: Ann Davidson - VP of Risk Consulting at Allied Solutions Webinar Agenda 1. Fraud trends in 2015 and beyond

More information

Small businesses: What you need to know about cyber security

Small businesses: What you need to know about cyber security Small businesses: What you need to know about cyber security Contents Why you need to know about cyber security... 3 Understanding the risks to your business... 4 How you can manage the risks... 5 Planning

More information

RLI PROFESSIONAL SERVICES GROUP PROFESSIONAL LEARNING EVENT PSGLE 123. Cybersecurity: A Growing Concern for Small Businesses

RLI PROFESSIONAL SERVICES GROUP PROFESSIONAL LEARNING EVENT PSGLE 123. Cybersecurity: A Growing Concern for Small Businesses RLI PROFESSIONAL SERVICES GROUP PROFESSIONAL LEARNING EVENT PSGLE 123 Cybersecurity: A Growing Concern for Small Businesses Copyright Materials This presentation is protected by US and International Copyright

More information

Ty Miller. Director, Threat Intelligence Pty Ltd

Ty Miller. Director, Threat Intelligence Pty Ltd Ty Miller Director, Threat Intelligence Pty Ltd Security Specialist Creator of Threat Analytics CREST Tech Lead, Assessor, Board of Directors Trained likes of FBI, US DoD, US Mil, International Govt agencies,

More information

Identifying Cyber Risks and How they Impact Your Business

Identifying Cyber Risks and How they Impact Your Business 10 December, 2014 Identifying Cyber Risks and How they Impact Your Business David Bateman, Partner, K&L Gates, Seattle Sasi-Kanth Mallela, Special Counsel, K&L Gates, London Copyright 2013 by K&L Gates

More information

Fighting Advanced Threats

Fighting Advanced Threats Fighting Advanced Threats With FortiOS 5 Introduction In recent years, cybercriminals have repeatedly demonstrated the ability to circumvent network security and cause significant damages to enterprises.

More information

Federal Bureau of Investigation

Federal Bureau of Investigation Federal Bureau of Investigation SSA John Caruthers Cyber Criminal Section SSA Kenneth Schmutz Cyber National Security Section April 11, 2012 FBI Mission Cyber Threats FBI Response 1. Protect the United

More information

current and previous addresses name/ssn Medical Insurance info UNCLASSIFIED credit info family info phone & fax #

current and previous addresses name/ssn Medical Insurance info UNCLASSIFIED credit info family info phone & fax # Personal Identifiable Information current and previous addresses name/ssn credit info family info Medical Insurance info professional & personal relationships email address phone & fax # 1 Implications

More information

Collateral Effects of Cyberwar

Collateral Effects of Cyberwar Your texte here. Collateral Effects of Cyberwar by Ilia Kolochenko for Geneva Information Security Day 9 th of October 2015 Quick Facts and Numbers About Cybersecurity In 2014 the annual cost of global

More information

Who s Doing the Hacking?

Who s Doing the Hacking? Who s Doing the Hacking? 1 HACKTIVISTS Although the term hacktivist refers to cyber attacks conducted in the name of political activism, this segment of the cyber threat spectrum covers everything from

More information

Cybercrime and Identity Theft: Awareness and Protection 2015 HLC Conference

Cybercrime and Identity Theft: Awareness and Protection 2015 HLC Conference Cybercrime and Identity Theft: Awareness and Protection 2015 HLC Conference Christopher T. Van Marter Senior Deputy Prosecuting Attorney Chief White Collar Crime Unit Department of the Prosecuting Attorney

More information

Practice Good Enterprise Security Management. Presented by Laurence CHAN, MTR Corporation Limited

Practice Good Enterprise Security Management. Presented by Laurence CHAN, MTR Corporation Limited Practice Good Enterprise Security Management Presented by Laurence CHAN, MTR Corporation Limited About Me Manager Information Security o o o o Policy formulation and governance Incident response Incident

More information

Presented by: Islanders Bank

Presented by: Islanders Bank Presented by: Islanders Bank Cybersecurity Awareness Cybersecurity Awareness Objectives: Define Cybersecurity & why it s important Provide information about Dept. Homeland Security Cybersecurity Campaigns:

More information

Cybersecurity in SMEs: Evaluating the Risks and Possible Solutions. BANCHE E SICUREZZA 2015 Rome, Italy 5 June 2015 Arthur Brocato, UNICRI

Cybersecurity in SMEs: Evaluating the Risks and Possible Solutions. BANCHE E SICUREZZA 2015 Rome, Italy 5 June 2015 Arthur Brocato, UNICRI Cybersecurity in SMEs: Evaluating the Risks and Possible Solutions BANCHE E SICUREZZA 2015 Rome, Italy 5 June 2015 Arthur Brocato, UNICRI UNICRI s Main Goals The United Nations Interregional Crime and

More information

The SMB Cyber Security Survival Guide

The SMB Cyber Security Survival Guide The SMB Cyber Security Survival Guide Stephen Cobb, CISSP Security Evangelist The challenge A data security breach can put a business out of business or create serious unbudgeted costs To survive in today

More information

FINANCIAL FRAUD: THE IMPACT ON CORPORATE SPEND IT SECURITY RISKS SPECIAL REPORT SERIES

FINANCIAL FRAUD: THE IMPACT ON CORPORATE SPEND IT SECURITY RISKS SPECIAL REPORT SERIES FINANCIAL FRAUD: THE IMPACT ON CORPORATE SPEND IT SECURITY RISKS SPECIAL REPORT SERIES Kaspersky Lab 2 Corporate IT Security Risks Survey details: More than 5,500 companies in 26 countries around the world

More information

Guide Antivirus. You wouldn t leave the door to your premises open at night. So why risk doing the same with your network?

Guide Antivirus. You wouldn t leave the door to your premises open at night. So why risk doing the same with your network? You wouldn t leave the door to your premises open at night. So why risk doing the same with your network? Most businesses know the importance of installing antivirus products on their PCs to securely protect

More information

Applying the 80/20 approach for Operational Excellence. How to combat new age threats, optimize investments and increase security.

Applying the 80/20 approach for Operational Excellence. How to combat new age threats, optimize investments and increase security. Applying the 80/20 approach for Operational Excellence How to combat new age threats, optimize investments and increase security Vinod Vasudevan Agenda Current Threat Landscape The 80/20 Approach Achieving

More information

TYPES, PREVALENCE, AND PREVENTION OF CYBERCRIME. Haya Fetais & Mohammed Shabana. Saint Leo University COM- 510

TYPES, PREVALENCE, AND PREVENTION OF CYBERCRIME. Haya Fetais & Mohammed Shabana. Saint Leo University COM- 510 TYPES, PREVALENCE, AND PREVENTION OF CYBERCRIME Haya Fetais & Mohammed Shabana Saint Leo University COM- 510 November 23, 2014 Introduction Globalization and technological developments have infiltrated

More information

Anti-exploit tools: The next wave of enterprise security

Anti-exploit tools: The next wave of enterprise security Anti-exploit tools: The next wave of enterprise security Intro From malware and ransomware to increasingly common state-sponsored attacks, organizations across industries are struggling to stay ahead of

More information

Automated Protection on UCS with Trend Micro Deep Security

Automated Protection on UCS with Trend Micro Deep Security Copyright 2014 Trend Micro Inc. Automated Protection on UCS with Trend Micro Deep Security Chris Van Den Abbeele Senior presales Engineer Agenda 1. Industrialization of Cyber threats The boomerang of Project

More information

Attackers are highly skilled, persistent, and very motivated at finding and exploiting new vectors. Microsoft Confidential for internal use only

Attackers are highly skilled, persistent, and very motivated at finding and exploiting new vectors. Microsoft Confidential for internal use only Attackers are highly skilled, persistent, and very motivated at finding and exploiting new vectors Microsoft Confidential for internal use only Wall Street Journal, JP Morgan, Lockheed, Bushehr nuclear

More information

Small businesses: What you need to know about cyber security

Small businesses: What you need to know about cyber security Small businesses: What you need to know about cyber security March 2015 Contents page What you need to know about cyber security... 3 Why you need to know about cyber security... 4 Getting the basics right...

More information

Global IT Security Risks

Global IT Security Risks Global IT Security Risks June 17, 2011 Kaspersky Lab leverages the leading expertise in IT security risks, malware and vulnerabilities to protect its customers in the best possible way. To ensure the most

More information

Cloud Security VS Cybercrime Economy: The Kaspersky Vision. Eugene Kaspersky Co-founder & CEO, Kaspersky Lab

Cloud Security VS Cybercrime Economy: The Kaspersky Vision. Eugene Kaspersky Co-founder & CEO, Kaspersky Lab Cloud Security VS Cybercrime Economy: The Kaspersky Vision Eugene Kaspersky Co-founder & CEO, Kaspersky Lab The Digital World is Under Attack 20 000 000 The last five years have become the 18 000 000 Golden

More information

Don t Fall Victim to Cybercrime:

Don t Fall Victim to Cybercrime: Don t Fall Victim to Cybercrime: Best Practices to Safeguard Your Business Agenda Cybercrime Overview Corporate Account Takeover Computer Hacking, Phishing, Malware Breach Statistics Internet Security

More information

Cyber Security, Fraud and Corporate Account Takeovers LBA Bank Counsel Conference December 2014

Cyber Security, Fraud and Corporate Account Takeovers LBA Bank Counsel Conference December 2014 Cyber Security, Fraud and Corporate Account Takeovers LBA Bank Counsel Conference December 2014 Lisa D. Traina, CPA, CITP, CGMA Lisa Traina utilizes her 30+ years of experience as a CPA, CITP and CGMA

More information

Defending Against Cyber Attacks with SessionLevel Network Security

Defending Against Cyber Attacks with SessionLevel Network Security Defending Against Cyber Attacks with SessionLevel Network Security May 2010 PAGE 1 PAGE 1 Executive Summary Threat actors are determinedly focused on the theft / exfiltration of protected or sensitive

More information

TOP 10 TIPS FOR EDUCATING EMPLOYEES ABOUT CYBERSECURITY. Mark Villinski @markvillinski

TOP 10 TIPS FOR EDUCATING EMPLOYEES ABOUT CYBERSECURITY. Mark Villinski @markvillinski TOP 10 TIPS FOR EDUCATING EMPLOYEES ABOUT CYBERSECURITY Mark Villinski @markvillinski Why do we have to educate employees about cybersecurity? 2014 Corporate Threats Survey 94% of business s suffered one

More information

Information Security and Risk Management

Information Security and Risk Management Information Security and Risk Management COSO and COBIT Standards and Requirements Page 1 Topics Information Security Industry Standards and COBIT Framework Relation to COSO Internal Control Risk Management

More information

Cyber-Security Risk in the Global Organization:

Cyber-Security Risk in the Global Organization: Cyber-Security Risk in the Global Organization: Trends, Challenges and Strategies for Effective Management David Childers, CCEP, CIPP CEO, Compli Todd Carroll Assistant Special Agent in Charge, FBI Three

More information

Surviving and operating services despite highly skilled and well-funded organised crime groups. Romain Wartel, CERN CHEP 2015, Okinawa

Surviving and operating services despite highly skilled and well-funded organised crime groups. Romain Wartel, CERN CHEP 2015, Okinawa Surviving and operating services despite highly skilled and well-funded organised crime groups Romain Wartel, CERN CHEP 2015, Okinawa 1 Operation Windigo (2011 - now) 30,000+ unique servers compromised

More information

Modern Cyber Threats. how yesterday s mind set gets in the way of securing tomorrow s critical infrastructure. Axel Wirth

Modern Cyber Threats. how yesterday s mind set gets in the way of securing tomorrow s critical infrastructure. Axel Wirth Modern Cyber Threats how yesterday s mind set gets in the way of securing tomorrow s critical infrastructure Axel Wirth Healthcare Solutions Architect Distinguished Systems Engineer AAMI 2013 Conference

More information

INDUSTRY OVERVIEW: RETAIL

INDUSTRY OVERVIEW: RETAIL ii IBM MSS INDUSTRY OVERVIEW: RETAIL RESEARCH AND INTELLIGENCE REPORT RELEASE DATE: JANUARY 5, 215 BY: DAVID MCMILLEN, SENIOR THREAT RESEARCHER Copyright IBM Corporation 214. All rights reserved. IBM and

More information

Attribution: The Holy Grail or Waste of Time? Billy Leonard Google Should this be the end, our Holy Grail? How s that picture going to help you now? But, the pictures make me safer! We can do better. Our

More information

Evolving Threats and Attacks: A Cloud Service Provider s viewpoint. John Howie Senior Director Online Services Security and Compliance

Evolving Threats and Attacks: A Cloud Service Provider s viewpoint. John Howie Senior Director Online Services Security and Compliance Evolving Threats and Attacks: A Cloud Service Provider s viewpoint John Howie Senior Director Online Services Security and Compliance Introduction Microsoft s Cloud Infrastructure Evolution of Threats

More information

CYBERSECURITY HOT TOPICS

CYBERSECURITY HOT TOPICS 1 CYBERSECURITY HOT TOPICS Secure Banking Solutions 2 Presenter Chad Knutson VP SBS Institute Senior Information Security Consultant Masters in Information Assurance CISSP, CISA, CRISC www.protectmybank.com

More information

Malware & Botnets. Botnets

Malware & Botnets. Botnets - 2 - Malware & Botnets The Internet is a powerful and useful tool, but in the same way that you shouldn t drive without buckling your seat belt or ride a bike without a helmet, you shouldn t venture online

More information

Malicious cyber activity is on the increase at risk. This may involve the loss of critical data and consumer confidence, as well as profits

Malicious cyber activity is on the increase at risk. This may involve the loss of critical data and consumer confidence, as well as profits CYBER CRIME & SECURITY SURVEY REPORT 2013 Foreword Malicious cyber activity is on the increase and every business with an online presence is at risk. This may involve the loss of critical data and consumer

More information

How-To Guide: Cyber Security. Content Provided by

How-To Guide: Cyber Security. Content Provided by How-To Guide: Cyber Security Content Provided by Who needs cyber security? Businesses that have, use, or support computers, smartphones, email, websites, social media, or cloudbased services. Businesses

More information

Are You A Sitting Duck?

Are You A Sitting Duck? The 7 Most Cricitcal I.T. Security Protections Every Business Must Have in Place Now to Protect Themselves from Cybercrime, Data Breaches, and Hacker Attacks Cybercrime is at an all-time high, and hackers

More information

Dissecting the Recent Cyber Security Breaches. Yu Cai School of Technology Michigan Technological University

Dissecting the Recent Cyber Security Breaches. Yu Cai School of Technology Michigan Technological University Dissecting the Recent Cyber Security Breaches Yu Cai School of Technology Michigan Technological University Disclaimers Most information in this presentation was collected from various sources on the Internet.

More information

TLP WHITE. Denial of service attacks: what you need to know

TLP WHITE. Denial of service attacks: what you need to know Denial of service attacks: what you need to know Contents Introduction... 2 What is DOS and how does it work?... 2 DDOS... 4 Why are they used?... 5 Take action... 6 Firewalls, antivirus and updates...

More information

The Cancer Running Through IT Cybercrime and Information Security

The Cancer Running Through IT Cybercrime and Information Security WHITE PAPER The Cancer Running Through IT Prepared by: Richard Brown, Senior Service Management Consultant Steve Ingall, Head of Consultancy 60 Lombard Street London EC3V 9EA T: +44 (0)207 464 8883 E:

More information

Primer TROUBLE IN YOUR INBOX 5 FACTS EVERY SMALL BUSINESS SHOULD KNOW ABOUT EMAIL-BASED THREATS

Primer TROUBLE IN YOUR INBOX 5 FACTS EVERY SMALL BUSINESS SHOULD KNOW ABOUT EMAIL-BASED THREATS A Primer TROUBLE IN YOUR INBOX 5 FACTS EVERY SMALL BUSINESS SHOULD KNOW ABOUT EMAIL-BASED THREATS Even with today s breakthroughs in online communication, email is still one of the main ways that most

More information

Risk Management in Global Operating Industry

Risk Management in Global Operating Industry Risk Management in Global Operating Industry World Financial Symposium 2015 Here is the News Saleema Brohi Aviation Legal Expert Session Sponsor World Financial Symposium 2015 Cyber Attack! - Beyond Firewalls

More information

Managing Web Security in an Increasingly Challenging Threat Landscape

Managing Web Security in an Increasingly Challenging Threat Landscape Managing Web Security in an Increasingly Challenging Threat Landscape Cybercriminals have increasingly turned their attention to the web, which has become by far the predominant area of attack. Small wonder.

More information

G DATA MOBILE MALWARE REPORT THREAT REPORT: Q1/2015

G DATA MOBILE MALWARE REPORT THREAT REPORT: Q1/2015 G DATA MOBILE MALWARE REPORT THREAT REPORT: Q1/2015 CONTENTS At a glance 03-03 Forecasts and trends 03-03 Current situation: 4,900 new Android malware samples every day 04-04 Half of Android malware is

More information

G DATA MOBILE MALWARE REPORT THREAT REPORT: Q1/2015

G DATA MOBILE MALWARE REPORT THREAT REPORT: Q1/2015 G DATA MOBILE MALWARE REPORT THREAT REPORT: Q1/2015 CONTENTS At a glance 03-03 Forecasts and trends 03-03 Current situation: 4,900 new Android malware samples every day 04-04 Half of Android malware is

More information

SOMEBODY'S WATCHING YOU! Maritime Cyber Security White Paper. Safeguarding data through increased awareness

SOMEBODY'S WATCHING YOU! Maritime Cyber Security White Paper. Safeguarding data through increased awareness SOMEBODY'S WATCHING YOU! Maritime Cyber Security White Paper Safeguarding data through increased awareness November 2015 1 Contents Executive Summary 3 Introduction 4 Martime Security 5 Perimeters Breached

More information

FBI CHALLENGES IN A CYBER-BASED WORLD

FBI CHALLENGES IN A CYBER-BASED WORLD FBI CHALLENGES IN A CYBER-BASED WORLD Federal Bureau of Investigation Assistant General Counsel Robert Bergida 202-651-3209 Overview Cyber Threats FBI Mission FBI Response Terrorism remains the FBI s top

More information

UNCLASSIFIED. Briefing to Critical Infrastructure Sector Organizations on the Canadian Cyber Incident Response Centre (CCIRC)

UNCLASSIFIED. Briefing to Critical Infrastructure Sector Organizations on the Canadian Cyber Incident Response Centre (CCIRC) Briefing to Critical Infrastructure Sector Organizations on the Canadian Cyber Incident Response Centre (CCIRC) Cyber in the News 1 Tactics, Techniques and Procedures These observed tactics, techniques

More information

Property of Secure Network Technologies-Do Not Distribute or Post Without Written Permission-Copyrights and Trademark Apply

Property of Secure Network Technologies-Do Not Distribute or Post Without Written Permission-Copyrights and Trademark Apply Malware - Mules & Money Mobile Edition v2.0 By Steve Stasiukonis What We Do Security Assessments & Penetration Tests Incident Response Digital Investigation & Forensic Services Technical Surveillance Countermeasure

More information

The Fundamental Failures of End-Point Security. Stefan Frei Research Analyst Director sfrei@secunia.com

The Fundamental Failures of End-Point Security. Stefan Frei Research Analyst Director sfrei@secunia.com The Fundamental Failures of End-Point Security Stefan Frei Research Analyst Director sfrei@secunia.com Agenda The Changing Threat Environment Malware Tools & Services Why Cybercriminals Need No 0-Days

More information

Spyware. Michael Glenn Technology Management Michael.Glenn@Qwest.com. 2004 Qwest Communications International Inc.

Spyware. Michael Glenn Technology Management Michael.Glenn@Qwest.com. 2004 Qwest Communications International Inc. Spyware Michael Glenn Technology Management Michael.Glenn@Qwest.com Agenda Security Fundamentals Current Issues Spyware Definitions Overlaps of Threats Best Practices What Service Providers are Doing References

More information

OVERVIEW. 1. Cyber Crime Unit organization. 2. Legal framework. 3. Identity theft modus operandi. 4. How to avoid online identity theft

OVERVIEW. 1. Cyber Crime Unit organization. 2. Legal framework. 3. Identity theft modus operandi. 4. How to avoid online identity theft OVERVIEW 2 1. Cyber Crime Unit organization 2. Legal framework 3. Identity theft modus operandi 4. How to avoid online identity theft 5. Main challenges for investigation 6. Conclusions ORGANIZATION 3

More information

EMERGING TRENDS IN FRAUD: CRIMINALS HAVE FOUND THE WEAKEST LINK

EMERGING TRENDS IN FRAUD: CRIMINALS HAVE FOUND THE WEAKEST LINK EMERGING TRENDS IN FRAUD: CRIMINALS HAVE FOUND THE WEAKEST LINK Fraud Investigations Division: Global Security & Investigations Ed Cook Executive Director Regional Investigations Objectives: Provide a

More information

Simplifying Security & Compliance Innovating IT Managed Services. Data Security Threat Landscape and IT General Controls

Simplifying Security & Compliance Innovating IT Managed Services. Data Security Threat Landscape and IT General Controls Simplifying Security & Compliance Innovating IT Managed Services Data Security Threat Landscape and IT General Controls Audit Standards and IT General Controls General IT controls discussed in AUC Section

More information

Internet threats: steps to security for your small business

Internet threats: steps to security for your small business Internet threats: 7 steps to security for your small business Proactive solutions for small businesses A restaurant offers free WiFi to its patrons. The controller of an accounting firm receives a confidential

More information

EMERGING THREATS & STRATEGIES FOR DEFENSE. Stephen Coty Chief Security Evangelist @StephenCoty

EMERGING THREATS & STRATEGIES FOR DEFENSE. Stephen Coty Chief Security Evangelist @StephenCoty EMERGING THREATS & STRATEGIES FOR DEFENSE Stephen Coty Chief Security Evangelist @StephenCoty Industry Analysis 2014 Data Breaches - Ponemon Ponemon 2014 Data Breach Report *Statistics from 2013 Verizon

More information

Remote Deposit Quick Start Guide

Remote Deposit Quick Start Guide Treasury Management Fraud Prevention How to Protect Your Business Remote Deposit Quick Start Guide What s Inside We re committed to the safety of your company s financial information. We want to make you

More information

SolarWinds Federal Cybersecurity Survey Summary Report

SolarWinds Federal Cybersecurity Survey Summary Report SolarWinds Federal Cybersecurity Survey Summary Report March 26, 2014 2014 Market Connections, Inc. BACKGROUND AND APPROACH 2 Background and Approach SolarWinds and Market Connections worked together to

More information

Cybersecurity: A Growing Concern for All Businesses. RLI Design Professionals Design Professionals Learning Event DPLE 160 October 7, 2015

Cybersecurity: A Growing Concern for All Businesses. RLI Design Professionals Design Professionals Learning Event DPLE 160 October 7, 2015 Cybersecurity: A Growing Concern for All Businesses RLI Design Professionals Design Professionals Learning Event DPLE 160 October 7, 2015 RLI Design Professionals is a Registered Provider with The American

More information

Cyber Security: Are You Prepared?

Cyber Security: Are You Prepared? Cyber Security: Are You Prepared? This briefing provides a high-level overview of the cyber security issues that businesses should be aware of. You should talk to a lawyer and an IT specialist for a complete

More information

Cyber Security 2014 SECURE BANKING SOLUTIONS, LLC

Cyber Security 2014 SECURE BANKING SOLUTIONS, LLC Cyber Security CHAD KNUTSON SECURE BANKING SOLUTIONS 2014 SECURE BANKING SOLUTIONS, LLC Presenter Chad Knutson Senior Information Security Consultant Masters in Information Assurance CISSP (Certified Information

More information

SESSION 507 Thursday, March 26, 11:15 AM - 12:15 PM Track: Desktop Support

SESSION 507 Thursday, March 26, 11:15 AM - 12:15 PM Track: Desktop Support SESSION 507 Thursday, March 26, 11:15 AM - 12:15 PM Track: Desktop Support Desktop Support and Data Breaches: The Unknown Dangers Bryan Hood Senior Solutions Engineer, Bomgar bhood@bomgar.com Session Description

More information

I ve been breached! Now what?

I ve been breached! Now what? I ve been breached! Now what? THE AFTERMATH OF A BREACH & STEPS TO REDUCE RISK The number of data breaches in the United States in 2014 hit a record high. And 2015 is not looking any better. There have

More information

BE SAFE ONLINE: Lesson Plan

BE SAFE ONLINE: Lesson Plan BE SAFE ONLINE: Lesson Plan Overview Danger lurks online. Web access, social media, computers, tablets and smart phones expose users to the possibility of fraud and identity theft. Learn the steps to take

More information

TMCEC CYBER SECURITY TRAINING

TMCEC CYBER SECURITY TRAINING 1 TMCEC CYBER SECURITY TRAINING Agenda What is cyber-security? Why is cyber-security important? The essential role you play. Overview cyber security threats. Best practices in dealing with those threats.

More information

2016 Digital Safety Class UNDERSTAND YOUR RISKS AND STAY TOTALLY SECURE JESSE ROBERTSON, TECH 4 LIFE

2016 Digital Safety Class UNDERSTAND YOUR RISKS AND STAY TOTALLY SECURE JESSE ROBERTSON, TECH 4 LIFE 2016 Digital Safety Class UNDERSTAND YOUR RISKS AND STAY TOTALLY SECURE JESSE ROBERTSON, TECH 4 LIFE WHO ARE WE? 12 years of local Tech, Training and Website services Service the 4 areas of life Regularly

More information

Cyber Security for your Connected Health Device

Cyber Security for your Connected Health Device Cyber Security for your Connected Health Device Agenda Cyber Security Emerging Threats Implications to Healthcare Healthcare Response OpenSky s timeline Service Evolution Launch IT Optimization 2014 Geographic

More information

Cloud Services Prevent Zero-day and Targeted Attacks Tom De Belie Security Engineer. [Restricted] ONLY for designated groups and individuals

Cloud Services Prevent Zero-day and Targeted Attacks Tom De Belie Security Engineer. [Restricted] ONLY for designated groups and individuals Cloud Services Prevent Zero-day and Targeted Attacks Tom De Belie Security Engineer Facts 2 3 WOULD YOU OPEN THIS ATTACHMENT? 4 TARGETED ATTACKS BEGIN WITH ZERO-DAY EXPLOITS 5 Check Point Multi-Layered

More information

Cybercrimes: A Multidisciplinary Analysis

Cybercrimes: A Multidisciplinary Analysis Sumit Ghosh Elliot Turrini Editors Cybercrimes: A Multidisciplinary Analysis fyj Springer Part I Introducing Cybercrimes 1 A Pragmatic, Experiential Definition of Computer Crimes 3 1.1 Introducing Computer

More information

D2.2 Executive summary and brief: Cyber crime inventory and networks in non-ict sectors

D2.2 Executive summary and brief: Cyber crime inventory and networks in non-ict sectors FP7-SEC-2013.2.5-2 Grant Agreement Number 607775 Collaborative Project E-CRIME The economic impacts of cyber crime D2.2 Executive summary and brief: Cyber crime inventory and networks in non-ict sectors

More information

September 20, 2013 Senior IT Examiner Gene Lilienthal

September 20, 2013 Senior IT Examiner Gene Lilienthal Cyber Crime September 20, 2013 Senior IT Examiner Gene Lilienthal The following presentation are views and opinions of the speaker and does not necessarily reflect the views of the Federal Reserve Bank

More information

What the Biggest Data Breaches in Retail Have Taught Us about Cyber Security

What the Biggest Data Breaches in Retail Have Taught Us about Cyber Security What the Biggest Data Breaches in Retail Have Taught Us about Cyber Security With the holiday season upon us, much attention turns to the retail sector, which is expected to see unprecedented activity

More information

G Data Mobile MalwareReport. Half-Year Report July December 2013. G Data SecurityLabs

G Data Mobile MalwareReport. Half-Year Report July December 2013. G Data SecurityLabs G Data Mobile MalwareReport Half-Year Report July December 2013 G Data SecurityLabs Contents At a glance... 2 Android malware: share of PUPs increasing significantly... 3 Android.Application consists of

More information

Fostering Incident Response and Digital Forensics Research

Fostering Incident Response and Digital Forensics Research Fostering Incident Response and Digital Forensics Research Bruce J. Nikkel bruce.nikkel@ubs.com September 8, 2014 Abstract This article highlights different incident response topics with a focus on digital

More information

2012 NORTON CYBERCRIME REPORT

2012 NORTON CYBERCRIME REPORT 2012 NORTON CYBERCRIME REPORT 2012 NORTON CYBERCRIME REPORT 24 COUNTRIES AUSTRALIA, BRAZIL, CANADA, CHINA, COLOMBIA, DENMARK, FRANCE, GERMANY, INDIA, ITALY, JAPAN, MEXICO, NETHERLANDS, NEW ZEALAND, POLAND,

More information

SentinelOne Labs. Advanced Threat Intelligence Report. 2015 Predictions

SentinelOne Labs. Advanced Threat Intelligence Report. 2015 Predictions SentinelOne Labs Advanced Threat Intelligence Report 2015 Predictions 2014 Rearview More, Better Malware The past 12 months were characterized by the extension of threats that emerged in 2013: more sophisticated,

More information

MOBILE MALWARE REPORT

MOBILE MALWARE REPORT TRUST IN MOBILE MALWARE REPORT THREAT REPORT: H2/2014 CONTENTS At a Glance 03-03 Forecasts and trends 04-04 Current situation: 4.500 new Android malware instances every day 05-05 Third-party App-Stores

More information

Presentation Objectives

Presentation Objectives Gerry Cochran, IT Specialist Jennifer Van Tassel, Associate Examiner Office of the State Comptroller Thomas P. DiNapoli State & Local Government Accountability Andrew A. SanFilippo Executive Deputy Comptroller

More information

Threat Intelligence. How to Implement Software-Defined Protection. Nir Naaman, CISSP Senior Security Architect

Threat Intelligence. How to Implement Software-Defined Protection. Nir Naaman, CISSP Senior Security Architect How to Implement Software-Defined Protection Nir Naaman, CISSP Senior Security Architect Threat Intelligence 1 The Spanish flu, 1918 killing at least 50-100 million people worldwide. 2 The H1N1 Pandemic,

More information

Basic Security Considerations for Email and Web Browsing

Basic Security Considerations for Email and Web Browsing Basic Security Considerations for Email and Web Browsing There has been a significant increase in spear phishing and other such social engineering attacks via email in the last quarter of 2015, with notable

More information

Cybersecurity Awareness

Cybersecurity Awareness Awareness Objectives Discuss the Evolution of Data Security Define Review Threat Environment Discuss Information Security Program Enhancements for Cyber Risk Threat Intelligence Third-Party Management

More information

CS 356 Lecture 25 and 26 Operating System Security. Spring 2013

CS 356 Lecture 25 and 26 Operating System Security. Spring 2013 CS 356 Lecture 25 and 26 Operating System Security Spring 2013 Review Chapter 1: Basic Concepts and Terminology Chapter 2: Basic Cryptographic Tools Chapter 3 User Authentication Chapter 4 Access Control

More information

Protecting Your Organisation from Targeted Cyber Intrusion

Protecting Your Organisation from Targeted Cyber Intrusion Protecting Your Organisation from Targeted Cyber Intrusion How the 35 mitigations against targeted cyber intrusion published by Defence Signals Directorate can be implemented on the Microsoft technology

More information

Specific recommendations

Specific recommendations Background OpenSSL is an open source project which provides a Secure Socket Layer (SSL) V2/V3 and Transport Layer Security (TLS) V1 implementation along with a general purpose cryptographic library. It

More information

What are the common online dangers?

What are the common online dangers? ONLINE SECURITY GUIDELINES Internet Banking is convenient and times saving. You can do remittances, place online deposit and other transactions through online banking with the convenience and privacy of

More information

I N T E L L I G E N C E A S S E S S M E N T

I N T E L L I G E N C E A S S E S S M E N T I N T E L L I G E N C E A S S E S S M E N T (U//FOUO) Malicious Cyber Actors Target US Universities and Colleges 16 January 2015 Office of Intelligence and Analysis IA-0090-15 (U) Warning: This document

More information

Data Security. So many businesses leave their data exposed, That doesn t mean you have to. 2014 Computerbilities, Inc.

Data Security. So many businesses leave their data exposed, That doesn t mean you have to. 2014 Computerbilities, Inc. Data Security So many businesses leave their data exposed, That doesn t mean you have to. 2014 Computerbilities, Inc. Table of Contents: 1. Introduction 3 2. Cybersecurity: The loopholes in the system

More information