hello gavin dennis information security consultant
play

! Hello! Gavin Dennis Information Security Consultant Symptai - PowerPoint PPT Presentation

Jul 07, 2023 •170 likes •406 views

Cyber-Attack and Security: PUTTING THE AUDIT COMMITTEE ON HIGH ALERT ! Hello! Gavin Dennis Information Security Consultant Symptai Consulting Ltd. & OpenWave Information Security Ltd. LETS FOCUS ON 1 EVERYONE IS IMPORTANT IN

  1. Cyber-Attack and Security: PUTTING THE AUDIT COMMITTEE ON HIGH ALERT !

  2. Hello! Gavin Dennis Information Security Consultant Symptai Consulting Ltd. & OpenWave Information Security Ltd.

  3. LET’S FOCUS ON… 1 EVERYONE IS IMPORTANT IN SECURITY 2 MAKE OR BUY, WHICH IS MORE FEASIBLE 3 EMPHASIZE BUSINESS IMPACT AND VALUE

  4. 2016 INTERNATIONAL STATISTICS THREAT DATA COMPROMISED ACTORS 239 21,239 = 58 = 1% WERE INCIDENTS INCIDENTS OF ATTACKS 41% 62% INVOLVED CONFIRMED TARGETED PER DAY ARE EXTERNAL PERSONAL BREACHES PUBLIC SUCCESSFUL PARTIES SERVICES 41% SECRETS 14% CREDENTIALS Source: Verizon DBIR 2017 9% MEDICAL

  5. 2016 LOCAL INCIDENT STATISTICS Senior Advisor in the Ministry of Science, Energy and Technology, Trevor Forrest “The country lost US $100M ( J$12.8B ) due to cyber criminal activity” “…more than 230,000 threats were detected in the space of a month.” SOURCE: JIS (http://jis.gov.jm/everyone-risk- cybercrime) 230K x 12 months = 2.76M INCIDENTS p/yr Published: October 12, 2017 1% of 2.76M = 27.6K BREACHES PER DAY

  6. EXAMPLE – YAHOO – 1 BILLION Source: THE HACKER USERS NEWS

  7. EXAMPLE – EQUIFAX - 143M PII DATA Source: http://www.fox5dc.com EQUIFAX IS A CONSUMER CREDIT REPORTING AGENCY

  8. CORE AREAS ANALYSED IN DBIR 2017 PUBLIC ADMINISTRATION WAS A TOP VICTIM IN 7 OF 8 MAIN CATEGORIES Web Crimeware Cyber Denial Application Espionage of Attacks Service Insider and Miscellaneous Payment Card Physical Privilege Errors Skimmers Theft and Misuse Loss

  9. TRUE STORY

  10. 6 - 1 - PLAN REPEAT AUDIT PROCES 5 - 2 - CLOSE EXECUTE S 4 - FOLLOW- 3 - UP REPORT

  11. 1 PLAN

  12. EMPOWER YOUR TEAM!

  13. 2 EXECUTE

  14. IT being uncooperative 1 Source: THE HACKER NEWS 2 IT pressed for resources Security not treated with 3 priority

  15. AUDITS TO CONSIDER Security Baseline Patch Audit Identifies missing patches Assessments e.g. ISO 27K Password Audit Configuration Audit Tests for weak Checks for weak passwords. configurations

  16. 3 REPORT

  17. MEASURE AUDITEES’ MATURITY LEVEL 5 - OPTIMIZE 1 - INITIAL 3 - DEFINED 2 - 4 - MANAGED REPEATABLE

  18. 4 FOLLOW- UP

  19. 5 CLOSE

  20. 6 REPEAT

  21. Q&A! EXPRESS YOURSELF

  22. Thank You wholeheartedly ! Now go forth and be great!

Recommend

Information Security in a Wireless World Dennis D. Steinauer Computer Security Division

Information Security in a Wireless World Dennis D. Steinauer Computer Security Division

Information Security in a Wireless World Dennis D. Steinauer Computer Security Division Information Technology Laboratory National Institute of Standards and Technology Gaithersburg, MD Information Security in a Wireless World Basic

554 views • 30 slides
IOT SECURITY ONGOING CHALLENGES Selvana Naiken Gopalla Information Security Consultant

IOT SECURITY ONGOING CHALLENGES Selvana Naiken Gopalla Information Security Consultant

IOT SECURITY ONGOING CHALLENGES Selvana Naiken Gopalla Information Security Consultant CERT-MU | National Computer Board OUTLINE The Internet of Insecure Things New Devices, New Security Challenges IOT Specific Security Issues

302 views • 27 slides
Export to RCE Adam Greenhill SecurityCompass Who am I? Senior Consultant @ Security

Export to RCE Adam Greenhill SecurityCompass Who am I? Senior Consultant @ Security

Export to RCE Adam Greenhill SecurityCompass Who am I? Senior Consultant @ Security Compass OSCP Graduated Sheridan Colleges Honours Bachelor of Applied Information Sciences (Information Systems Security) Fun fact:

605 views • 42 slides
Who am I? Valentinas Bakaitis Security consultant at Aura Information Security

Who am I? Valentinas Bakaitis Security consultant at Aura Information Security

Who am I? Valentinas Bakaitis Security consultant at Aura Information Security @vbakaitis on twitter What is XSS? User Supplied Text: <script>alert(xss);</ script> Image with user supplied title <img

435 views • 18 slides
Analysis of Security Protocols Gavin Lowe Analysis of Security Protocols 02 Overview Brief

Analysis of Security Protocols Gavin Lowe Analysis of Security Protocols 02 Overview Brief

Analysis of Security Protocols 01 Analysis of Security Protocols Gavin Lowe Analysis of Security Protocols 02 Overview Brief introduction to security protocols; Model checking of security protocols, particularly using the process

1.28k views • 110 slides
Security 101 Definition of Information Security Information security is the protection of

Security 101 Definition of Information Security Information security is the protection of

Computing Services Information Security Office Security 101 Definition of Information Security Information security is the protection of information and systems from unauthorized access, disclosure, modification, destruction or disruption. The

469 views • 22 slides
Food Security Task Force Governance Sunshine Ordinance & Bylaws April 3, 2019 GAVIN

Food Security Task Force Governance Sunshine Ordinance & Bylaws April 3, 2019 GAVIN

Food Security Task Force Governance Sunshine Ordinance & Bylaws April 3, 2019 GAVIN MORROW-HALL, COLLECTIVE IMPACT COORDINATOR PAULA JONES, DIRECTOR OF FOOD SECURITY 1 Overview 1. Policies Governing Food Security Task Force Ralph M.

469 views • 20 slides
Research Methods. By Dennis Ondrejka, PhD, RN, CNS Consultant and Educator White Paper available

Research Methods. By Dennis Ondrejka, PhD, RN, CNS Consultant and Educator White Paper available

A Review of Hierarchy of Research Models Identifies a Distortion of Research Methods. By Dennis Ondrejka, PhD, RN, CNS Consultant and Educator White Paper available on complete study: dondrejka7117@gmail.com Study Methodology This was a

512 views • 16 slides
@ ChrisJohnRiley > whoami IT Security Analyst / Security Consultant Raiffeisen

@ ChrisJohnRiley > whoami IT Security Analyst / Security Consultant Raiffeisen

@ ChrisJohnRiley > whoami IT Security Analyst / Security Consultant Raiffeisen Informatik GmbH R-IT CERT Team Regular conference speaker DEF CON | Bsides | Hashdays | SecZone blog http://blog.c22.cc Abject

2.84k views • 195 slides
Key-Dependent Message Security in the Standard Model Dennis Hofheinz (CWI, Amsterdam) What and

Key-Dependent Message Security in the Standard Model Dennis Hofheinz (CWI, Amsterdam) What and

Key-Dependent Message Security in the Standard Model Dennis Hofheinz (CWI, Amsterdam) What and why? Key-dependent message (KDM) security As IND, but with special encryption oracle Real game: O(F) = ENC SK ( F(SK) ) Random

272 views • 4 slides
One Resilience Noel L.J. Miranda, Bio-security/Bio-threats Preparedness Consultant ARF

One Resilience Noel L.J. Miranda, Bio-security/Bio-threats Preparedness Consultant ARF

Bio-security and -preparedness within One Resilience Noel L.J. Miranda, Bio-security/Bio-threats Preparedness Consultant ARF CROSS-SECTORAL SECURITY COOPERATION ON BIO-PREPAREDNESS AND DISASTER RESPONSE WORKSHOP 26-28 August 2014, Makati City,

446 views • 19 slides
Dell Security Overview Eddie Chan Security Solution Consultant Dell Security Solutions Dell |

Dell Security Overview Eddie Chan Security Solution Consultant Dell Security Solutions Dell |

Dell Security Overview Eddie Chan Security Solution Consultant Dell Security Solutions Dell | Hong Kong & Taiwan Agenda Session One 2016 Threat Report Update Session Two SonicWALL C APT URE Advanced Threat Protection Service

746 views • 63 slides
WiFi Social Engineering BIO Gabriel Mathenge Security enthusiast Security consultant at

WiFi Social Engineering BIO Gabriel Mathenge Security enthusiast Security consultant at

WiFi Social Engineering BIO Gabriel Mathenge Security enthusiast Security consultant at Ernst and Young (EY) Penetration testing and red teaming T: https://twitter.com/_V1VI E: gabriel@thevivi.net QUESTIONS Stop me whenever youre

891 views • 42 slides
Jaki VPN wybra w 2015? Piotr Matusiak Security Consultant, Cisco AS Education CCIE #19860,

Jaki VPN wybra w 2015? Piotr Matusiak Security Consultant, Cisco AS Education CCIE #19860,

Jaki VPN wybra w 2015? Piotr Matusiak Security Consultant, Cisco AS Education CCIE #19860, CCDE 2015::1, C|EH, SFCE Your Presenter Visit us: http://www.cisco.com/go/ase Piotr Matusiak Security Cyber Security (SCYBER) Security Consultant

1.11k views • 92 slides
Serverless security: attack & defense www.securing.pl #whoami Senior Security Consultant in

Serverless security: attack & defense www.securing.pl #whoami Senior Security Consultant in

www.securing.pl Pawel Rzepa Serverless security: attack & defense www.securing.pl #whoami Senior Security Consultant in - Pentesting - Cloud security assessment Blog: https://medium.com/@rzepsky @Rzepsky

1.1k views • 63 slides
Privacy Enhancing Technologies 2003 An Analysis of GNUnet and the Implications for Anonymous,

Privacy Enhancing Technologies 2003 An Analysis of GNUnet and the Implications for Anonymous,

Privacy Enhancing Technologies 2003 An Analysis of GNUnet and the Implications for Anonymous, Censorship-Resistant Networks Dennis Kgler Federal Office for Information Security, Germany Dennis.Kuegler@bsi.bund.de 1 Anonymous,

488 views • 16 slides
Viproy VoIP Penetration and Exploitation Toolkit Fatih zavc Security Consultant @ Sense of

Viproy VoIP Penetration and Exploitation Toolkit Fatih zavc Security Consultant @ Sense of

Viproy VoIP Penetration and Exploitation Toolkit Fatih zavc Security Consultant @ Sense of Security (Australia) # whois Security Consultant @ Sense of Security (Australia) 10+ Years Experience in Penetration Testing 800+

494 views • 21 slides
So You Want to Be an Information Security Officer? Presented by: Art Bakke Information Security

So You Want to Be an Information Security Officer? Presented by: Art Bakke Information Security

So You Want to Be an Information Security Officer? Presented by: Art Bakke Information Security Officer Background Personal Starion Bank Arts Goals Highlight the typical responsibilities of an Information Security Officer from

778 views • 22 slides
PHYS30441 Electrodynamics (M) Introduction L1 Gavin Smith Room 4.12 gavin.smith@manchester.ac.uk

PHYS30441 Electrodynamics (M) Introduction L1 Gavin Smith Room 4.12 gavin.smith@manchester.ac.uk

PHYS30441 Electrodynamics (M) Introduction L1 Gavin Smith Room 4.12 gavin.smith@manchester.ac.uk http://nucpc100.ph.man.ac.uk/electrodynamics/ Syllabus 0. Introduction and Overview (1 Lecture) 1. Electromagnetic Field Equations (7 lectures)

361 views • 6 slides
Reflections SDinGov 2019 Sophie Dennis conference chair and strategic design consultant

Reflections SDinGov 2019 Sophie Dennis conference chair and strategic design consultant

Reflections SDinGov 2019 Sophie Dennis conference chair and strategic design consultant @sophiedennis #sdingov @sophiedennis What did you learn? Who did you meet? What will you do (di ff erently)? #sdingov

448 views • 26 slides
INFORMATION SECURITY AWARENESS Information Security Education & Awareness Team C-DAC

INFORMATION SECURITY AWARENESS Information Security Education & Awareness Team C-DAC

Leading a Secured Digital Life. INFORMATION SECURITY AWARENESS Information Security Education & Awareness Team C-DAC Hyderabad keeping yourself and your family safe in a tech driven world Ministry of Electronics & Information

510 views • 11 slides
11/15/2012 Storage of Classified Information DoD Information Security Program 1 Information

11/15/2012 Storage of Classified Information DoD Information Security Program 1 Information

11/15/2012 Storage of Classified Information DoD Information Security Program 1 Information Security Webinar Storage of Classified Information Host: Treva Alexander, SAPPC Information Security Course Manager, DSS - CDSE Gained experience in

329 views • 14 slides
Cyber Security SLAIT CONSULTING.com SLAIT Consulting an ePlus Technology, Inc. Company Ivan Gil,

Cyber Security SLAIT CONSULTING.com SLAIT Consulting an ePlus Technology, Inc. Company Ivan Gil,

College and University Auditors of Virginia Conference May 2019 SLAIT Consulting Cyber Security SLAIT CONSULTING.com SLAIT Consulting an ePlus Technology, Inc. Company Ivan Gil, Sr. Information Security Consultant Sr. Information Security

479 views • 15 slides
Technical Controls SLAIT CONSULTING.com SLAIT Consulting an ePlus Technology, Inc. Company Ivan

Technical Controls SLAIT CONSULTING.com SLAIT Consulting an ePlus Technology, Inc. Company Ivan

SLAIT Consulting Threat Management and Technical Controls SLAIT CONSULTING.com SLAIT Consulting an ePlus Technology, Inc. Company Ivan Gil, Sr. Information Security Consultant Sr. Information Security Consultant assisting clients with their

589 views • 21 slides

More recommend