securing caribbean networks
play

Securing Caribbean networks Bevil Wooding Executive Director, - PowerPoint PPT Presentation

Jun 07, 2023 •256 likes •614 views

Securing Caribbean networks Bevil Wooding Executive Director, CaribNOG THE DIGITAL WORLD Explosion of Online Devices Explosion of Online Users Explosion of Online Data Dark Side To Digital Progress There are only two types of

  1. Securing Caribbean networks Bevil Wooding Executive Director, CaribNOG

  2. THE DIGITAL WORLD • Explosion of Online Devices • Explosion of Online Users • Explosion of Online Data

  3. Dark Side To Digital Progress

  4. “ There are only two types of companies : Those that have been hacked, a nd those that will be.”

  5. THE THREAT IS REAL

  7. In a Word … PEOPLE

  8. BE AFRAID..BUT ALSO BE INFORMED Understanding The Power of the Dark Side

  9. POWERFUL DARK SIDE FORCES Today’s Cyber Criminals are: • Highly ORGANZED • Highly MOTIVATED • Highly RESOURCED and Highly EFFECTIVE!

  10. THE DARK SIDE IS SOPHISTICATED

  11. POWERFUL DARK SIDE FORCES Cybercriminals Hactivists Nation-States Insiders • Broad-based and • Targeted and • Targeted and • Targeted and targeted destructive multi-stage destructive • Financially • Unpredictable • Motivated by data • Unpredictable motivated motivations collection motivations • Getting more • Generally less • Highly • Sophistication sophisticated sophisticated sophisticated with varies endless resources

  12. 2013 - TARGET 2014 - SONY 2015 - OPM 2017 – WannaCry Ransomwear Major cyber attack disrupts internet service across the WORLD!

  13. 2013 - TARGET Russian Crime Syndicate; 1 17 yr old wrote the malware Compromised via a Third- 1 Party Vendor (HVAC) Easy Reconnaissance; 1 Ignored Initial Alerts Internal Infrastructure Used 1 Against Themselves

  14. 2014 - SONY GUARDIANS OF PEACE 1 (North Korean Government) Internally Everything Destroyed; Whole World Saw Emails & 1 Sensitive Information Most of the Company Had Too 1 Much Access; Passwords were stored in files named ‘Passwords’ 1 Warning Signs were Ignored

  15. 2015 - OPM Chinese Government 1 Compromised Using Defense 1 Contractor’s Credentials Encryption is great, but it doesn’t 1 stop those who have passwords or credentials Data Stolen During Holiday When 1 Staffing was Light.

  16. 2016 – DYN DNS Hackers - For Profit or Other 1 Motive? Millions of Compromised 1 Digital Video Cameras Unpatched IoT Devices 1 Plenty of Individuals, Companies, and Vendors to 1 Blame!

  17. 2017 - WannaCry Hackers - Unknown 1 Ransom message asking for 1 approx. $300. Increase to $600 after 3 days. After 7 days, files destroyed Estimated > 200,000 victims 1 WORLDWIDE CONTRIES AFFECTED

  18. IT’S NOW EASIER TO BE ON THE DARK SIDE

  19. PUBLICLY AVAILABLE TOOLS

  20. OUTSOURCING & CAPACITY BUILDING

  21. Securing National Development WHAT COMES NEXT … NO ONE KNOWS “Future attacks will likely increasingly be directed to softer targets in locations through which huge sums of money flow electronically for tax efficiency or advantage, those areas with infrastructure links to the United States and Europe, and in areas where the success of a sector such as tourism is central to the stability of the regional or national economy.”

  22. Securing National Development WHAT’S ALREADY HERE – CARIBBEAN ALREADY FE • Ransomware Attacks • Phishing Attacks • Distributed Denial Of Service • Data Theft • Identity Theft • ATM Scams

  23. Securing National Development GREATER THREATS, FEWER RESOURCES • Cybersecurity Skills Are in High Demand, Yet in Short Supply – most organizations do not have the people or systems to monitor their networks consistently and to determine how they are being infiltrated. – Cisco estimates there are over 1 million unfilled security jobs worldwide

  24. FORTUNATELY … ALL IS NOT LOST RESISTANCE IS NOT FUTILE W h i l e t h e r e i s n o s i l v e r b u l l e t s o l u t i o n w i t h c y b e r s e c u r i t y, a w e l l - i n f o r m e d , w e l l - s t r u c t u r e d , c o o r d i n a t e d , m u l t i - s t a k e h o l d e r a p p r o a c h c a n m a k e a b i g d i f f e r e n c e

  25. Securing National Development Opportunity in the Crisis • As the Internet of Things (IoT) gains more traction, the lack of basic security standards and the increasing skill shortage will present opportunities for countries and businesses that invest in cybersecurity skills development

  26. Securing National Development Opportunity in the Crisis • As the Internet of Things (IoT) gains more traction, the lack of basic security standards and the increasing skill shortage will present opportunities for countries and businesses that invest in cybersecurity skills development

  27. Securing National Development Joining the Resistance • Effective Cybersecurity Requires – Cyber Strategies – People, Analytics, Intelligence, and Technology – An Informed Human Approach to Security

  28. Securing National Development A Note on Cyber Strategies Cybersecurity Develop in collaboration with critical business strategies units – embed security personnel into business should be units, so security strategy can be integrated not holistic just tacked on Align to Business Goals – If you bring value with your strategy, security becomes a business differentiator and revenue generator, transforming security from cost center to a growth center.

  29. Securing National Development A Note on Cyber Strategies Cybersecurity Validate at the leadership level – Keeping organizational strategies leaders informed and involved in data breach should be preparedness and response plans is essential for holistic. maintaining a sophisticated security posture. Dynamically managed – Threat actors continuously adapt. Your cybersecurity strategy should, too. Treat it like it is a living, breathing, constantly questing process. If you let it languish, your threat posture also suffers.

  30. HOW CAN GOVERNMENTS HELP? UPDATE LEGISLATION PARTICIPATE IN REGIONAL BODIES STRENGTHEN LOCAL CAPACITY RAISE PUBLIC AWARENE SET NATIONAL STANDARDS

  31. HOW CAN INDUSTRY HELP? TRACK THE TREND LINES SUPORT PUBLIC-PRIVATE COOPERATION INVEST IN SECURITY TOOLS AND INFRASTRUCTUR ENCOURAGE AND TRAIN CYBER EXPERTS

  32. Make the Investment. Develop a Cyber Security Strategy. TAKE ACTION! “despite hard pressed budgets, cyber security needs to be seen as just as important as physical security and treated as core cost for businesses and governments .” … IT’s WORTH IT

  33. About the Presenter BEVIL M. WOODING Internet Strategist, Packet Clearing House Mr. Wooding is an an Internet Strategist for Packet Clearing House, a US-based non-profit research institute. He is also the Executive Director of the Caribbean Network Operators Group Twitter/Linked: @bevilwooding

  34. Questions in fo @ c arib no g.o r g

Recommend

Securing Home Networks Securing Home Networks protocols protocols A SWN04 A SWN04 K.

Securing Home Networks Securing Home Networks protocols protocols A SWN04 A SWN04 K.

Securing Home Networks Securing Home Networks protocols protocols A SWN04 A SWN04 K. MASMOUDI, K. MASMOUDI, H. AFIFI H. AFIFI Boston, 08/2004 6 th PCRD Integrated Project Goal : provide secure communication

450 views • 22 slides
Mobile Networks Module I Part 2 Securing Vehicular Networks Prof. J.-P. Hubaux 1 Outline

Mobile Networks Module I Part 2 Securing Vehicular Networks Prof. J.-P. Hubaux 1 Outline

Mobile Networks Module I Part 2 Securing Vehicular Networks Prof. J.-P. Hubaux 1 Outline Motivation Threat model and specific attacks Security architecture Security analysis Certificate revocation

751 views • 43 slides
Securing Networks in the Programmable Data Plane Era Luciano Gaspary paschoal@inf.ufrgs.br

Securing Networks in the Programmable Data Plane Era Luciano Gaspary paschoal@inf.ufrgs.br

Securing Networks in the Programmable Data Plane Era Luciano Gaspary paschoal@inf.ufrgs.br Instituto de Informtica UFRGS Securing Networks in the Programmable Data Plane Era Network softwarization : the first wave P4 programs are

607 views • 12 slides
Securing networks with Honeypots Motivation Scenario : Web server Internet SSH How to

Securing networks with Honeypots Motivation Scenario : Web server Internet SSH How to

Benjamin Braun, Klemens Mang Securing networks with Honeypots Motivation Scenario : Web server Internet SSH How to detect attackers accessing your service? How to analyze attack patterns? How to detect yet unknown attack

246 views • 13 slides
Securing 5G Networks Stavros Papadopoulos, Anastasios Drosou, and Dimitrios Tzovaras 5 th

Securing 5G Networks Stavros Papadopoulos, Anastasios Drosou, and Dimitrios Tzovaras 5 th

Behavioural Network Traffic Analytics for Securing 5G Networks Stavros Papadopoulos, Anastasios Drosou, and Dimitrios Tzovaras 5 th International Workshop on 5G Architecture (5GARCH) Presenter: Dr. Stavros Papadopoulos Post-doctoral research

426 views • 23 slides
Supporting recovery and sustainable development in the Caribbean Caribbean The role of the Global

Supporting recovery and sustainable development in the Caribbean Caribbean The role of the Global

Supporting recovery and sustainable development in the Caribbean Caribbean The role of the Global Jobs Pact By Stephen Pursey Director ILO Policy Integration Department y g p The crisis in the Caribbean The crisis in the Caribbean Global crisis

809 views • 19 slides
Securing Your System CS 236 On-Line MS Program Networks and Systems Security Peter Reiher

Securing Your System CS 236 On-Line MS Program Networks and Systems Security Peter Reiher

Securing Your System CS 236 On-Line MS Program Networks and Systems Security Peter Reiher Lecture 19 Page 1 CS 236 Online Putting It All Together Weve talked a lot about security principles And about security problems And

209 views • 17 slides
Doing Research in the Caribbean Introduction to Caribbean Studies Stacey Mac Donald & Sanne

Doing Research in the Caribbean Introduction to Caribbean Studies Stacey Mac Donald & Sanne

Doing Research in the Caribbean Introduction to Caribbean Studies Stacey Mac Donald & Sanne Rotmeijer PhD Candidates, KITLV This afternoon Introducing Confronting Caribbean Challenges research project Key notions >

327 views • 17 slides
The Future of Caribbean Tourism Key Considerations for the COVID-19 recovery Caribbean

The Future of Caribbean Tourism Key Considerations for the COVID-19 recovery Caribbean

The Future of Caribbean Tourism Key Considerations for the COVID-19 recovery Caribbean Tourism Organization April 30, 2020 1 COVID-19 and Caribbean Tourism A quick snapshot 2 COVID-19 Caribbean overview The first cases of COVID-19

834 views • 14 slides
Introduction to Caribbean spaces (Course Postcolonialism and power relations in the Caribbean

Introduction to Caribbean spaces (Course Postcolonialism and power relations in the Caribbean

Introduction to Caribbean spaces (Course Postcolonialism and power relations in the Caribbean ) Christophe Premat Brainstorming List the representations that you have when you hear about the Caribbean spaces What are your

672 views • 22 slides
Securing IPv6 neighbor discovery and SLAAC in access networks through SDN Daniel Nelle,

Securing IPv6 neighbor discovery and SLAAC in access networks through SDN Daniel Nelle,

Securing IPv6 neighbor discovery and SLAAC in access networks through SDN Daniel Nelle, dnelle@uni-potsdam.de Thomas Scheffler, thomas.scheffler@htw-berlin.de ANRW 2019, Montreal, July 22nd 2019 Outline Security issues in ICMPv6 Stateless

663 views • 21 slides
IoT Security Image: xkcd How is securing IoT different from securing any other system? IoT

IoT Security Image: xkcd How is securing IoT different from securing any other system? IoT

IoT Security Image: xkcd How is securing IoT different from securing any other system? IoT is a system of systems, with A great deal of heterogeneity (sensing, computation, communication, energy) New types of devices appearing all

1.35k views • 65 slides
- Securing Santas Sleigh - INET XMAS Presentation 2018 by Timo Hckel - Securing Santas

- Securing Santas Sleigh - INET XMAS Presentation 2018 by Timo Hckel - Securing Santas

- Securing Santas Sleigh - INET XMAS Presentation 2018 by Timo Hckel - Securing Santas Sleigh - INET XMAS Presentation 2018 by Timo Hckel Overview 1. Automotive Networks 2. SecVI Research Project 3. Software-Defined Networking

344 views • 31 slides
IXPS and Peering in the Caribbean Growing the Caribbean Digital Economy Global Context By 2020,

IXPS and Peering in the Caribbean Growing the Caribbean Digital Economy Global Context By 2020,

Presenter: Bevil M. Wooding Caribbean Outreach Manager, Packet Clearing House IXPS and Peering in the Caribbean Growing the Caribbean Digital Economy Global Context By 2020, smartphones will generate 30% of total IP traffic Global broadband

365 views • 18 slides
Building&Hacking modern iOS apps Wojciech Regua @_r3ggi wojciech.regula@securing.pl

Building&Hacking modern iOS apps Wojciech Regua @_r3ggi wojciech.regula@securing.pl

www.securing.pl Building&Hacking modern iOS apps Wojciech Regua @_r3ggi wojciech.regula@securing.pl @_r3ggi wojciech.regula@securing.pl www.securing.pl www.securing.pl WHOAMI -Senior IT Security Consultant @ SecuRing -Focused on

998 views • 67 slides
Mare Nostrum Caribbean (Our Caribbean Sea) Programs and Partnerships V irgin I slands

Mare Nostrum Caribbean (Our Caribbean Sea) Programs and Partnerships V irgin I slands

Mare Nostrum Caribbean (Our Caribbean Sea) Programs and Partnerships V irgin I slands E xperimental P rogram to S timulate C ompetitive R esearch Some Thoughts on How to Sustain a Successful Program Mark R. Boardman "In the

504 views • 32 slides
The Myth of the Caribbean as a Tax Haven Caribbean Association of Banks- represents 52 Banks and

The Myth of the Caribbean as a Tax Haven Caribbean Association of Banks- represents 52 Banks and

The Myth of the Caribbean as a Tax Haven Caribbean Association of Banks- represents 52 Banks and NBFIs in the CARICOM Region ranging from Cayman/Bahamas in the north to Suriname/Guyana in the South. Its mission is to proactively influence

510 views • 7 slides
adaptation in the Eastern Caribbean Fisheries Sector (CC4FISH) Project Proposal: NAP+: Blue

adaptation in the Eastern Caribbean Fisheries Sector (CC4FISH) Project Proposal: NAP+: Blue

FAO and the GEF Climate Change vulnerability and adaptation in the Eastern Caribbean Fisheries Sector (CC4FISH) Project Proposal: NAP+: Blue Economies for the Caribbean Caribbean Billfish Project Caribbean Constituency Meeting Dr.

562 views • 21 slides
Ten Year Retrospective on HIV capacity building in the Caribbean Valerie Wilson Caribbean Med

Ten Year Retrospective on HIV capacity building in the Caribbean Valerie Wilson Caribbean Med

Ten Year Retrospective on HIV capacity building in the Caribbean Valerie Wilson Caribbean Med Labs Foundation CCAS EXPERT SUMMIT: From Care to Cure Shifting the HIV Paradigm 27-31 August 2017 Barbados Presentation Outline CCAS Country

599 views • 41 slides
Advancing the NP in the Caribbean Exploring Potential Opportunities The Caribbean Islands and

Advancing the NP in the Caribbean Exploring Potential Opportunities The Caribbean Islands and

Advancing the NP in the Caribbean Exploring Potential Opportunities The Caribbean Islands and Bio-Prospecting Challenges Lack of Legislation, Lack of policies, Lack of Knowledge Researching Universities, infringement on Traditional

241 views • 11 slides
CARIBBEAN MARINE ATLAS PHASE 2 - CMA2 ATLAS MARINO DEL CARIBE FASE 2 - CMA2 CARIBBEAN MARINE

CARIBBEAN MARINE ATLAS PHASE 2 - CMA2 ATLAS MARINO DEL CARIBE FASE 2 - CMA2 CARIBBEAN MARINE

Brussels , 14 th May 2018 CARIBBEAN MARINE ATLAS PHASE 2 - CMA2 ATLAS MARINO DEL CARIBE FASE 2 - CMA2 CARIBBEAN MARINE ATLAS Ge Gene neral ral ob obje jective ctive Sustainable operationalization of an online digital Caribbean Marine

279 views • 14 slides
Broadband Deployment in the Caribbean From strategy to operations: The end-to-end approach to

Broadband Deployment in the Caribbean From strategy to operations: The end-to-end approach to

Broadband Deployment in the Caribbean From strategy to operations: The end-to-end approach to broadband deployment in the Caribbean Jelmer Gulmans July 25 th , 2018 2 Almost all Caribbean telcos require faster and more fixed broadband

448 views • 10 slides
IPsec (AH, ESP), IKE Guevara Noubir CSG254: Network Security noubir@ccs.neu.edu Securing

IPsec (AH, ESP), IKE Guevara Noubir CSG254: Network Security noubir@ccs.neu.edu Securing

IPsec (AH, ESP), IKE Guevara Noubir CSG254: Network Security noubir@ccs.neu.edu Securing Networks Applications Layer Monitoring/Logging/Intrusion Detection Control/Management (configuration) telnet/ftp: ssh, http: https , mail: PGP Network

1.4k views • 26 slides
SANS Securing The Human Training Department of Safety Securing the Human Training Web

SANS Securing The Human Training Department of Safety Securing the Human Training Web

SANS Securing The Human Training Department of Safety Securing the Human Training Web based Centrally Administrated Divisionally managed Consistent content Central reporting Ability to add custom content (Policy's)

761 views • 10 slides

More recommend