Security Updates Matter: Exploitation for Beginners

•

1 recomendación•822 vistas

Abstract: This is a presentation explaining the purposes behind why security updates should be installed on systems and why it matters to protect the bulk electric system. Many people don’t understand the full purpose of installing security updates and this presentation walks through the reasons at a very high level so that everyone can understand.

Tecnología Empresariales

Security
Updates
Ma0er

Exploita5on
for
Beginners

William
Whitney
III

Who
am
I?

•  William
Whitney
III
–
Alphabet
Soup

•  Electronics
and
PLC’s

•  Power
system
engineering

•  IT/EMS/SCADA
Opera5ons/Security/
Compliance

•  Enjoy
ﬁnding
and
ﬁxing
business/technical

process
ﬂaws

•  I
am
a
researcher
at
heart

Who
I
Work
For

•  Garland
Power
&
Light
/
City
of
Garland

–  Municipality
started
in
1923

–  68,000
residen5al
customers
with
a
peak
load
of
492MW

–  Genera5on
–
640
MW,
gas
and
coal
ﬁred

–  Transmission
–
29
substa5ons
and
133
miles
of
lines

–  Distribu5on
–
2007
miles
of
overhead
and
underground

lines

–  TMPA
adds
many
miles
of
lines
and
sta5ons

•  College
Sta5on
to
Denton
TX

Who
Are
You?

Control
System
Engineers

IT Professionals
Compliance/Legal

Patch
Your
Systems
NOW!

•  Why?

–  Fix
bugs
–
not
ants,
grasshoppers,
etc

–  Protect
systems
from
being
breached

–  Be0er
func5onality?
Some5mes……….

Prove
it
FUD
Man!!!

•  Live
Demo
of
what
can
happen
if
not
patched

–  It
takes
5me
and
resources
to
plan
and
act
on
patching

systems
for
the
many
updates
that
are
available

–  It
only
takes
one
missing
patch
for
someone
to
P0wn
your

system
(yes,
thats
hacker
speak)

•  Anyone
can
do
it
today
with
the
tools
freely
available
on
the

internet

•  Verizon
Data
Breach
report
stated
97%
of
breaches
could
have

been
avoided
through
simple
or
intermediate
controls
such
as

patching,
password
complexity,
etc.

What
to
do?

•  Patch
your
devices;
All
of
them!

Windows,
Linux,

Java,
Adobe,
RTU’s,
and
network
devices
ASAP!

•  Most
important
is
to
show
FERCing
NERC
TFE
love;

install
an5virus
on
printers,
network
devices,
and

your
toaster!!!

William
Whitney
III

Cyber
Security
&
Compliance
Manager

Garland
Power
&
Light
/
City
of
Garland

williamw@gplops.org

972-‐205-‐3080

Más contenido relacionado

La actualidad más candente

The Department of Homeland Security (DHS) has become more concerned with cyber attacks on infrastructure such as supervisory control and data acquisition (SCADA) systems. An attack in Iran has proven that the landscape of cyber warfare is continually evolving. As the SCADA systems are the systems that autonomously monitor and adjust switching among other processes within critical infrastructures such as nuclear plants, and power grids DHS has become concerned about these systems as they are unmanned frequently and remotely accessed. A vulnerability such as remote access could allow anyone to take control of assets to critical infrastructure remotely. There has been increasing mandates, and directives to ensure any system deployed meets stringent requirements. As the Stuxnet worm has become a reality, future attacks could be malicious code directly targeting specific locations of critical infrastructure. This paper will address methods to protect infrastructure from cyber attacks using a hybrid of certification & accreditation (C&A) processes and information assurance (IA) controls.

Protecting Infrastructure from Cyber Attacks

Maurice Dawson

In May, 2014 the US Department of Homeland Security and its Industrial Control Systems Cyber Emergency Response Team, or ICS-CERT, issued a report confirming several recent attacks on public utilities from the first quarter of 2014. DHS confirmed that a sophisticated threat actor gained unauthorized access to an unnamed public utility’s control system network. Incidents of this type haven’t been as widely publicized as recent retail breaches, but it is believed by many that there are far more incidents occurring within the Energy Sector than are heard about in the press. Lack of enforced and implemented policy and compliance, poor capability for early detection of threat indicators, and lack of visibility and automation may all be contributing to failure in rapidly detecting attacks and breaches. Essential Power™ (formerly known as North American Energy Alliance) is a wholesale power generator and marketer providing electric energy and located in the North Eastern United States. Essential Power will share a case study on its own journey towards achieving NERC CIP compliance within a very short five-month timeline, and how they did it.

Essential Power Case Study: Protecting Critical Infrastructure From Cyber Att...

EnergySec

The Control System Security Center (CSSC) in Japan has an active project in their lab to apply process white list control and computer resource access control to Windows servers and workstations in an ICS. These security controls can be very effective in ICS computers that are relatively static as compared to corporate network systems. The process white list control limits process creation with parent-child relation, SHA1 hash value of an executable file, and conflict of interest. The computer resource access control limits access from a process to file, network (IP address and port), and device. Attend this session learn how CSSC is applying this technology and lessons learned in the lab environment.

Process Whitelisting and Resource Access Control For ICS Computers, Kuniyasu ...

Digital Bond

In July 2010, BC Hydro, the electric utility and grid operator of British Columbia began implementation of its AMI program, formally known as the Smart Meter & Infrastructure (SMI) program. The SMI program transformed BC Hydro from a traditional metering utility to a smart metering utility by implementing smart meters on the customer service points. It was the first step in the smart grid transformation. The SMI program required the introduction of many new devices and applications into BC Hydro’s infrastructure. Some of these had never been deployed before anywhere in the world. Many were field deployed, outside of BC Hydro’s physical security perimeter. The SMI Security Delivery Team was formed to deliver on these commitments and to take responsibility for the end to end security of the SMI program. The Team implemented a multi-pronged approach to securing SMI including security risk assessments, security penetration testing by the team, design reviews, whole project risk assessments and third party security penetration testing. A standards based approach was required to ground the test plan both in best practice and in a common set of principles that BC Hydro and its vendors could accept. The Advanced Metering Infrastructure (AMI) Risk Assessment document prepared by the Advanced Metering Infrastructure Security (AMI-SEC) Task Force was used as a basis for the test plan. This document has since been passed to the National Institute of Standards and Technology (NIST) Cyber Security Working Group and was integrated into NIST IR 7628. NIST IR 7628 contains a comprehensive list of possible threats to AMI systems. The program was highly successful. Test results informed BC Hydro’s deployment decisions and allowed the manufacturers to improve their products. Lessons were learned about how best to conduct third party security testing. A full lessons learned section is included in the presentation.

Third Party Security Testing for Advanced Metering Infrastructure Program

EnergySec

The Industrial Control Cybersecurity conference consists of presentations and debate from some of the energy industry’s leading end users from Operational and IT backgrounds, Government influencers, leading cybersecurity authorities and some of the world’s most influential solution providers. Key topics of discussion will pivot on convergence of operational and information technology transformation, design, implementation, integration and risks associated with enterprise facing architecture. Further review includes the development of policy, operational and cultural considerations, maturity models, public and private information sharing and the adoption of cybersecurity controls. 2015 will provide further insight into how industry can further develop organisational priorities, effective methodologies, benchmark return on investment for cybersecurity procurement, supplier relationships and how to effectively deploy defense in-depth strategies. We will introduce discussion on the latest attacks and hear from those who are responsible for identifying them. The conference will further address penetration testing, the art of detection and threat monitoring, incident response and recovery.

Industrial Control Cyber Security Europe 2015

James Nesbitt

The energy and utilities industry needs to take extraordinary steps to protect its critical infrastructure. Gone are the days where treating physical security, process control security, and cybersecurity as separate functional areas can suffice. As the threats to our nation’s electric utility enterprises continue to rise, we must use all available information resources and security tools in highly integrated total security systems. As described in this presentation, recognizing and capitalizing upon the broad commonality of security domains across all the three security functional areas can open many more possibilities to enhance an enterprise’s defenses. Based upon this unique systems concept, already proven effective for cybersecurity, a methodology for an integrated total security defense is described that begins with threat and vulnerability intelligence-driven security processes. By extending this methodology to all three security functional areas, organizations can better organize and utilize all their security resources and processes, including threat and vulnerability information, pre-emptive defense strategies, real and near-real time situation awareness capabilities, and incident response/ recovery actions; regardless of whether they are part of the physical, process control, or cybersecurity functional areas. In addition to methods and tools for highly efficient collection and analysis of “all source” threat and vulnerability information, also described are systems approaches for fusing and correlating the high volume and wide variety of available security relevant information. These can assist the security professionals to quickly analyze and initiate actions as needed across each of the physical, control process, and cyber security areas.

An Approach to Closing the Gaps between Physical, Process Control, and Cybers...

EnergySec

Cybersecurity in Industrial Control Systems (ICS)

Joan Figueras Tugas

IT vs. OT: ICS Cyber Security in TSOs

Community Protection Forum

Industrial Control Security USA Sacramento California Oct 13/14

James Nesbitt

Attacking and Defending Autos Via OBD-II from escar Asia

Digital Bond

2016 Top 10 Critical Infrastructures and SCADA/ICS Cyber Security Vulnerabili...

Eran Goldstein

Kevin Wheeler, Founder and Managing Director, InfoDefense Securing Industrial Control Systems Our nation’s critical infrastructure is controlled by SCADA and other industrial control technologies. Water utilities, petroleum refineries, oil pipelines, food processors, manufacturers and power companies all use SCADA systems to control and monitor operations. The vast majority of these industrial control systems have been in place for decades with few, if any, enhancements to effectively protect against today’s advanced threats. As a result, industrial control system vulnerabilities are currently a major concern. Legacy SCADA systems can be secured using many of the same best practices that are used to protect the enterprise. This presentation provides an overview of SCADA threats as well as practical solutions for protecting industrial control systems.

NTXISSACSC2 - Securing Industrial Control Systems by Kevin Wheeler

North Texas Chapter of the ISSA

02 ibm security for smart grids

IBM Italia Web Team

Considerations for a secure internet of things for cities and communities

Mrinal Wadhwa

Io t security defense in depth charles li v1 20180425c

Charles Li

SMi Group's 4th annual European Smart Grid Cyber and SCADA Security conferenc...

Dale Butler

European smart grid cyber and scada security

Yulia Rotar

Securing Industrial Control Systems

Eric Andresen

In January, the FDA has draft recommendations for medical device security after the sale. Among other things, the recommendations tell manufacturers how to evaluate security risks, how to build a program for coordinated vulnerability disclosure program, and how to intake vulnerability reports from researchers. While the security of medical devices is especially important given the potential consequences, we can learn from the FDA recommendations regardless of our industry. Any recommendations adopted by the FDA for medical devices are likely to be implemented across other verticals for their IoT devices as well. Whether you manufacture, purchase, integrate, implement, or generally try to run away from IoT devices, there’s plenty to take away from this session while learning about the future of IoT device security.

Jake Williams - Navigating the FDA Recommendations on Medical Device Security...

centralohioissa

Tripwire Energy Working Group: Keynote w/Patrick Miller

Tripwire

La actualidad más candente (20)

Protecting Infrastructure from Cyber Attacks

Essential Power Case Study: Protecting Critical Infrastructure From Cyber Att...

Process Whitelisting and Resource Access Control For ICS Computers, Kuniyasu ...

Third Party Security Testing for Advanced Metering Infrastructure Program

Industrial Control Cyber Security Europe 2015

An Approach to Closing the Gaps between Physical, Process Control, and Cybers...

Cybersecurity in Industrial Control Systems (ICS)

IT vs. OT: ICS Cyber Security in TSOs

Industrial Control Security USA Sacramento California Oct 13/14

Attacking and Defending Autos Via OBD-II from escar Asia

2016 Top 10 Critical Infrastructures and SCADA/ICS Cyber Security Vulnerabili...

NTXISSACSC2 - Securing Industrial Control Systems by Kevin Wheeler

02 ibm security for smart grids

Considerations for a secure internet of things for cities and communities

Io t security defense in depth charles li v1 20180425c

SMi Group's 4th annual European Smart Grid Cyber and SCADA Security conferenc...

European smart grid cyber and scada security

Securing Industrial Control Systems

Jake Williams - Navigating the FDA Recommendations on Medical Device Security...

Tripwire Energy Working Group: Keynote w/Patrick Miller

Destacado

Presented by: Russell Thomas, George Mason University Abstract: Two aspects of cyber security that everyone struggles with are metrics and business impact. How do we measure it to improve and how do we make it meaningful to business decision makers? This gap appeared again recently in the NIST Cyber Security Framework (CSF) process RFI responses. But there is no need to wait for NIST CSF or anything else because there is a viable method available now that you can use to build your own CSF. Namely the “Balanced Scorecard” method. The key idea is to focus on performance against measurable objectives in all critical dimensions that, taken together, will lead to better security, privacy, and resiliency outcomes, even in a dynamic and highly uncertain threat environment. In this presentation, we’ll explain the ten critical dimensions of cyber security performance, explain how they are interrelated and feed off each other, show how to create a performance index in each dimension, and describe how the balanced scorecard can be used to drive executive decisions. This presentation should be valuable to managers and executives in every type of organization in the energy sector, including the supply/service chain. Consultants, regulators, and academics should also find it interesting and useful.

How to Build Your Own Cyber Security Framework using a Balanced Scorecard

EnergySec

Security Operational Scorecard EX2

Alice E. Nordwall

Presented by: Jacob Kitchel, Industrial Defender Abstract: This presentation will review useful concepts and tools that can be applied by DevOps team with “Controlled Remediation”. We’ll demonstrate the application of non-security, system administration, deployment, monitoring and change tracking using tools to achieve controlled remediation. This will build a foundation through which security, compliance, and change management goals can be achieved in an automated fashion within control system environments. DevOps is a juxtaposition of the words “development” and “operations” and is meant to portray a tight relationship between the two traditionally separate roles which build and operate complex computer systems and software applications. DevOps groups work with a unified goal to rapidly and reliably deploy and manage the underlying systems which organizations rely upon to make a profit while balancing resource constraints. “Controlled Remediation” is a concept used to describe the use of automation to maintain acceptable configuration and settings on industrial cyber assets. Additionally, this presentation will discuss the variations of “Automated Remediation” and “Manual Remediation”.

6 Tools for Improving IT Operations in ICS Environments

EnergySec

Presented by: Rohyt Belani, Phishme Abstract: In the physical world, the human brain has evolved to avoid danger. The threat of physical pain triggers fear – and we have learned to avoid behavior that causes pain. In the electronic world of email, however, this concept doesn’t translate. Clicking on a malicious link or opening an attachment laced with malware doesn’t cause pain, and often a user won’t even notice anything is wrong after doing it. How then, can we teach fear perception in the electronic world? Is it even possible? In this presentation I’ll discuss how immersive training can key on psychological triggers to teach people to become skeptical email users who not only avoid undesired security behavior but can aid intrusion detection by reporting suspicious emails, helping to mitigate one of the most serious problems in security: slow incident detection times. According to reports from Mandiant and Verizon, average detection time for an incident is in the hundreds of days. A properly trained workforce is not only resilient to phishing attacks, but can improve detection times as well.

Building Human Intelligence – Pun Intended

EnergySec

Presented by: Nadya Bartol, Utility Telecom Council Abstract: A variety of recent breaches and vulnerabilities demonstrate that software and hardware supply chain is a serious concern in the ICS space. Asset owners/operators and suppliers are in a symbiotic relationship – acquirers cannot conduct business without the supplier products and services. Where do the subcomponents come from and what do we know about their contents? Which code libraries were used by the sub-supplier? Why do we need to know? Several solution sets have emerged over the last 6 years, developed in IT/communications, defense, and ICS space. These include soon-to-be-published ISO and IEC standards, NIST documents, certification framework, Common Criteria extensions, and efforts by software industry consortium. The presentation will survey ICT supply chain security problem space, provide an overview of available solutions developed to date, and recommend how to use these solutions in the ICS context

ICS Supply Chain Security: Learning from Recent Incidents and Other Sectors

EnergySec

Energy Challenges for Wales: The Flexible Integrated Energy Systems (FLEXIS) ...

energybiographies

Presented by: Chris Sistrunk, Entergy Abstract: IT folks have been doing it for years – building labs to test new products before rolling them out – but the concept is still rather revolutionary to most practitioners of SCADA security. Yet the benefits of a lab are many, including training staff and solving real-world problems by replicating and attacking them in the relatively low-risk lab environment. But how do you pitch this (not inexpensive) idea in a way that gets organizational buy-in? And if your organization is just too small, what are the factors to considering when using a third-party lab? Hear ideas and ask questions of someone who evolved his organization’s capabilities from one small lab to five complete labs.

Come See What’s Cooking in My Lab

EnergySec

Presented by: John Fleker, HP Abstract: The cyber threat landscape is continually evolving. More and more, the critical infrastructure of our nation is at risk. Whether by nation-state actors, criminal organizations, hacktivists or any number of hackers looking to prove their skills, our safety and economic prosperity is threatened. There are four things that must be considered in order to address the evolving threats: 1- Becoming more proactive in our cyber defense efforts through intelligence 2- Better user behavior management 3- Assessing risk using meaningful metric 4- Resilience – operating through an intrusion We need to look at the threat picture differently – in a proactive way – to ensure that CEO’s and CIO/CISO’s are on the same page regarding the threat, to allow those leaders to make better resourcing decisions and to be better prepared to mitigate adversaries when they arrive at the security perimeter. We need to integrate a wider set of intelligence into our thinking. This is critical to taking a more proactive stance in defending your networks. Combined with what you know of your own network, cyber intelligence strategically helps make solid resource planning decisions and functionally, helps your network operators better defend, mitigate and operate through cyber intrusions. The Operational Levels of Cyber Intelligence paper by the Intelligence and National Security Alliance details a better way of using intelligence. www.insaonline.org/i/d/a/Resources/CyberIntel_WP.aspx Additionally, we must increase info sharing across the board. Executive Order 13636 - Improving Critical Infrastructure Cybersecurity is leading critical infrastructure that direction.

Dynamic Cyber Defense

EnergySec

Understanding Hacker Tools and Techniques: A live Demonstration

EnergySec

Presented by Patrick Miller, The Anfield Group and Jason Ile, Tripwire Abstract: This presentation emphasis the importance of building an environment where compliance is a natural byproduct of effective security controls. The presenters discuss how to establish info security controls that reinforce a culture of controls, by being plugged into the daily operational processes of IT operations, software and service development, project management and Internal audit. Additional, the presenters explore the various benefits of continuous monitoring and how to achieve it through a step-by-step practice.

Achieving Compliance Through Security

EnergySec

Presented by: Michael Toecker, Digital Bond Abstract: Control Systems are responsible for the safe and reliable governing of physical processes, and are designed to report conditions that could affect reliable operations to operators for action. These conditions may vary in their severity, from minor inconveniences to those that can bring the process to a full halt. While engineers have predicted certain events and consequences, others are “unknown unknowns”, and may only be detected due to variances from normal function. Cyber security conditions are similar in nature. Cyber security conditions can vary in severity and cyber security professionals can classify and alert on some, but not all cyber security events. In this presentation, Michael Toecker will discuss cyber security conditions that are known, and that could be integrated into the operational display. Treating cyber security events as analogous to control system events has many benefits and drawbacks, and Toecker will expand on criteria for determining what is appropriate for an operator display, and what is not. The purpose of this presentation is to demonstrate that cyber security can have a place in operational decisions, so long as conditions are carefully analyzed and response actions developed beforehand.

Integrating Cyber Security Alerts into the Operator Display

EnergySec

Moderated and Presented by Andy Bochman Discussion Topic: Workforce Development in the ICS WorkPlace Discussion Abstract: Ask anyone working in the field at an electric utility about cybersecurity and the conversation will inevitably turn to the shortage of a qualified security staff with knowledge of our industry. The need to comply with NERC CIP standards, secure the rapidly proliferating smart grid technologies, and defend against the threat of cyber attacks targeting control systems, makes the short supply of cybersecurity talent is a critical issue.

NESCO Town Hall Workforce Development Presentation

EnergySec

Energy Biographies Final Research report

energybiographies

Presented by: Slade Griffin, Contextual Security Solutions Abstract: This session will present Mr. Griffin’s observations made while working directly with utilities as they developed and built incident response processes and the teams to support them. Topic covered will be the architectural development of visibility into different types of networks using different technologies. Having the technology to gain visibility into your networks is less than half the battle, the next step is to properly tune down the “noise” to determine whether an incident is happening.

Building an Incident Response Team

EnergySec

Presented by: Lucas Apa and Carlos Mario Penagos, IOActive Abstract: The evolution of wireless technologies has allowed industrial automation and control systems (IACS) to become strategic assets for companies that rely on processing plants and facilities. When sensors and transmitters are attacked, remote sensor measurements on which critical decisions are made might be modified, this could lead to unexpected, harmful, and dangerous consequences. This presentation demonstrates attacks that exploit key distribution vulnerabilities we recently discovered in every wireless device made by three leading industrial wireless automation solution providers. We will review the most commonly implemented key distribution schemes, their weaknesses, and how vendors can more effectively align their designs with key distribution solutions.

Compromising Industrial Facilities From 40 Miles Away

EnergySec

Presented by: Julie Soutuyo, Tennessee Valley Authority Abstract: Over the past 40 years, the energy industry has evolved to a position of dependence upon information technology to accomplish its mission. Cyber attacks have become a “way of life”; as the Nation, industry, organizations, and individuals strive to operate safely and securely in cyberspace. Most rely on a compliance-based “whack-a-mole”; approach to cyber defense which presents multiple barriers to hackers, based on the last attack, with efforts to “hit” any that get inside the organization’s defenses. While still valid, this compliance-based approach has significant challenges: stopping intruders, mitigating the problems they create, and positioning an organization to achieve its mission under a cyber attack. Cyber experts across the Nation are increasingly turning to resiliency as a means for fighting through these attacks with the objective of meeting operational and mission requirements in spite of the attacks. This shift is driving organizations to rethink their organizational structures to achieve unity of effort and streamlined decision-making in the face of a fast paced set of operational demands. This presentation will highlight the strategies to promote a cyber resilient organization.

Energy Industry Organizational Strategies to Increase Cyber Resiliency

EnergySec

Presented by: Chris Unton, Midwest ISO (MISO) Abstract: MISO embarked on a structured, comprehensive process improvement program to make advancements in cyber security risk reduction as well as CIP compliance. The program utilizes the Six Sigma framework to reduce process defects and gain efficiencies. The 13 month effort comprises process level health checks; assignment of functional roles, responsibilities, and oversight; cross-functional process improvement events; and training/awareness curriculums to lock in the improvements. As a result, MISO not only is strengthening its cyber security and compliance posture, but also positioning the company for a smoother adoption of controls based audits when applicable. In this presentation, Mr. Unton will walk through the process and show how this has been instrumental in greatly enhancing MISO’s security and compliance environment.

Structured NERC CIP Process Improvement Using Six Sigma

EnergySec

Presented by: Gib Sorebo, SAIC Abstract: For the last few years, energy companies, particularly electric utilities, have been scrambling to meet the onslaught of cybersecurity regulations. However, hackers don’t follow regulations, so the need to rapidly address evolving threats is imperative to meet expectations of senior leadership, board members, and shareholders. This session will discuss how a mature governance structure and a cybersecurity strategy based on a comprehensive understanding of business risk can be used to address threats, comply with regulations, and obtain support from company stakeholders.

Cybersecurity for Energy: Moving Beyond Compliance

EnergySec

Red, Amber, Green Status: The Human Dashboard This session will outline the importance of presenting actionable metrics for the Security Awareness program. Oftentimes security programs are presented while omitting the most constant threat to Information Systems: the human. From a security awareness perspective, we will review analytics that include key performance indicators that may already be available to you; they just need to be added to the new human dashboard. Laurianna Callaghan currently serves as a security consultant for Ana Academy, a Dallas based security training company. Previously, Laurianna worked with Dell where she was the creator of security analytics for a major healthcare customer which were presented at the 2016 IASAP conference. In addition, Laurianna has more than 21 years experience in various IT domains. She has served as the Director of Systems Engineering for a telemarketing firm, the UNIX/MVS Manager for a major airline and has IT experience in the healthcare, communications, transportation, education, retail, and other industry sectors. Laurianna holds both the CCNA Security and CISSP designations.

NTXISSACSC4 - Red, Amber, Green Status: The Human Dashboard

North Texas Chapter of the ISSA

MicroStrategy - Effective Business Dashboards

MicroStrategy Nederland

Destacado (20)

How to Build Your Own Cyber Security Framework using a Balanced Scorecard

Security Operational Scorecard EX2

6 Tools for Improving IT Operations in ICS Environments

Building Human Intelligence – Pun Intended

ICS Supply Chain Security: Learning from Recent Incidents and Other Sectors

Energy Challenges for Wales: The Flexible Integrated Energy Systems (FLEXIS) ...

Come See What’s Cooking in My Lab

Dynamic Cyber Defense

Understanding Hacker Tools and Techniques: A live Demonstration

Achieving Compliance Through Security

Integrating Cyber Security Alerts into the Operator Display

NESCO Town Hall Workforce Development Presentation

Energy Biographies Final Research report

Building an Incident Response Team

Compromising Industrial Facilities From 40 Miles Away

Energy Industry Organizational Strategies to Increase Cyber Resiliency

Structured NERC CIP Process Improvement Using Six Sigma

Cybersecurity for Energy: Moving Beyond Compliance

NTXISSACSC4 - Red, Amber, Green Status: The Human Dashboard

MicroStrategy - Effective Business Dashboards

Similar a Security Updates Matter: Exploitation for Beginners

Unfortunately, in recent years we’ve seen a host of incidences where IoT devices were compromised. Sometimes these have been minor with little coverage, while others like Mirai affected millions around the globe a produced serious economic impact. When attacks like this occur, they not only erode the trust of the users of these devices, but cause those who are looking to adopt this new technology to pause. With any new technology, security must be thought of as a first class citizen and when we are talking about IoT, the data is personal. As the IoT matures, I’ll share some mistakes that have happened in the past, where we are today and how I believe we are now finally seeing a maturity of devices that are remotely updated, fault tolerant and secure. When it comes to building an IoT device, security is personal.

This Time, It’s Personal: Why Security and the IoT Is Different

Justin Grammens

GISEC 2015 Your Network in the Eyes of a Hacker - DTS Solution

Shah Sheikh

ML13198A409.pdf

poolpandyM

Security and control in Management Information System

Satya P. Joshi

3433 IBM messaging security why securing your environment is important-feb2...

Robert Parker

Presentation from IBM InterConnect 2016 . With growth in the number of business applications and exponential growth in connectivity between applications and systems, it is important to understand not just how to implement security, but why it is important to ensure all parts of the business can appreciate it and apply the right levels of security to their messaging system use. - jointly presented by Leif Davidsen and Rob Parker

IBM Messaging Security - Why securing your environment is important : IBM Int...

Leif Davidsen

The 5 ws of Cyber Security

Misha Hanin

Security best practice and regulations such as SOX, HIPAA, GDPR and others require you to restrict access to your critical IBM i systems and their data, but this is easier said than done. Legacy, proprietary access protocols now co-exist with new, open-source protocols to create access control headaches. View this webcast on-demand for an in-depth discussion of IBM i access points that must be secured and how exit points can be leveraged to accomplish the task. We’ll cover: • Securing network access and communication ports • How database access via open-source protocols can be secured • Taking control of command execution

Controlling Access to IBM i Systems and Data

Precisely

Ryder robertson security-considerations_in_the_supply_chain_2017.11.02

PacSecJP

CS5032 Lecture 20: Dependable infrastructure 2

John Rooksby

Web security

Jin Castor

Controlling all the ways your company’s data is being accessed, especially given the proliferation of open source software and other non-traditional data-access methods, is critical to ensuring security and regulatory compliance. This webinar reviews the different ways your data can be accessed, discusses how exit points work and how they can be managed, and why a global data access control strategy is especially important to efficiently protect sensitive data against unwanted access. Topics include: • IBM i access methods and risks • Using exit programs to block traditional and modern access methods • Real life examples and perspectives

Expand Your Control of Access to IBM i Systems and Data

Precisely

CEO's Guide to Effective IT Management

dhaydenSlide

CEO's Guide Effective IT Management

guest86c967

Gartner technologies for Infosec 2014-2015

Samuel Kamuli

Breaches are at all time high. In this webinar learn the do's and don't of handling breach disclosure. Best practices of how to set up a bounty program . How to respond to responsible disclosures? Do's and Don'ts and learning from the industry. Key Points To Be Discussed: -How to build a vulnerability disclosure program? -What are various types of vulnerability disclosures programs? -When and when NOT to have a bug bounty program? -Do's and Don'ts for handling a breach disclosure

How To Handle Breach Disclosures? Bug Bounty, Coordinated Vulnerability Discl...

Priyanka Aash

Next Dimension IIoT Presentation

Next Dimension Inc.

Securing your presence at the perimeter

Ben Rothke

It security the condensed version

Brian Pichman

Presentation at CMSS Conference 2016 - I was recently honored with the opportunity of speaking at the CMSS 2016 Conference. My goal for this engagement was to educate about the importance of innovating and applying exponential technologies in IT Security within the organization. My audience included many professionals in the medical industry, so it was important for me to be able to convey the importance of cybersecurity in that industry.

Enterprise IT Security| CIO Innovation and Leadership

RedZone Technologies

Similar a Security Updates Matter: Exploitation for Beginners (20)

This Time, It’s Personal: Why Security and the IoT Is Different

GISEC 2015 Your Network in the Eyes of a Hacker - DTS Solution

ML13198A409.pdf

Security and control in Management Information System

3433 IBM messaging security why securing your environment is important-feb2...

IBM Messaging Security - Why securing your environment is important : IBM Int...

The 5 ws of Cyber Security

Controlling Access to IBM i Systems and Data

Ryder robertson security-considerations_in_the_supply_chain_2017.11.02

CS5032 Lecture 20: Dependable infrastructure 2

Web security

Expand Your Control of Access to IBM i Systems and Data

CEO's Guide to Effective IT Management

CEO's Guide Effective IT Management

Gartner technologies for Infosec 2014-2015

How To Handle Breach Disclosures? Bug Bounty, Coordinated Vulnerability Discl...

Next Dimension IIoT Presentation

Securing your presence at the perimeter

It security the condensed version

Enterprise IT Security| CIO Innovation and Leadership

Más de EnergySec

When we talk about cyber security, we recognize that it is part of a holistic approach to security and critical infrastructure protection. Tools and technology are not enough to ensure that mission critical systems provide capabilities needed for the military, continuity of government and commercial enterprises to continue operations in the face of emerging threats. Recognizing the unique nature of our location on the Hawaiian Islands in the middle of the Pacific, we also understand the importance of collaboration and alignment of critical infrastructure protection among the military, state government, commercial and public stakeholders. A comprehensive approach needs to include innovative capabilities, a thorough analysis of operational dependencies, and the organizational collaboration required to protect critical capabilities. In this session, we will discuss our innovate approach to developing a holistic cyber security approach for critical infrastructure and share a case study to help you think differently about your own approaches for security.

Gary Leatherman - A Holistic Approach for Reimagining Cyber Defense

EnergySec

Over the past few years, penetration testing has gotten easier. What used to take a week of scanning, analysis, and exploit research now happens in one day on average in a common IT environment. The efficiency of compromise has increased based on several factors including increased knowledge sharing, more robust computing, and automated exploitation tools. OT environments are often utilizing the same operating systems and are prone to many of the same attacks. The main differences are the presence of custom protocols, embedded systems, and lack of formal security programs to address the gaps created by two-way data communication networks. This talk will show the most common attacks which our team currently uses to gain access and control over the networks and systems we test. More importantly, we will discuss the “top 10” things an organization can do to mitigate, remediate, and have active visibility into critical systems.

Slide Griffin - Practical Attacks and Mitigations

EnergySec

Innovative and disruptive technologies are enhancing and invading our traditional industrial business model. Future organizations will need more data to operate efficiently and succeed in the brave new interconnected world. The diversity of new technologies and data will fuel more diversity in business opportunity. Everyone expects more OT, more IoT, and more IT – and all of it is supposed to be highly reliable and secure. These factors (and more) lead to a landscape shift for the mission-critical cybersecurity risk profile. In this session, hear ways to recognize the problems and gain some clarity on possible solutions through historic lessons, made up words, and practical front-line experience.

Patrick Miller - Tackling Tomorrow's Biggest Cybersecurity Problems with Real...

EnergySec

Almost 70 years since the first computer bug was discovered, there has been decades of research done on Information Security theory and practice. Yet, despite vast amounts of money being spent, innumerable academic papers, mainstream media obsession, and entire industries being formed, we are left with the impression that the risk is growing, not receding. Why? Some argue a lack of data, but data clearly exists. We’re likely generating it, in some areas, faster than humans will ever be able to process it. Perhaps, after all of this effort, we’ve managed to box ourselves into metaphors and first principles that might be inappropriately constraining how we think about “Information Security Risk”. In fact, it’s worth noting that we can’t even agree if there is a space between “Cyber” and “Security” when it’s written out. This talk will take an anecdotal look at “Information Security Risk”, “What IS Cyber Security?”, and use that perspective to suggest areas of research that are either lacking or should be made more accessible to the markets, industries, and individuals driving risk management change. In an industry filled with data, perhaps an examination of empty space might be helpful.

Jack Whitsitt - Yours, Anecdotally

EnergySec

In our modern world, we’ve learned to take for granted the universal availability of things like running water and electricity, and more recently, the Internet. As technology progresses, we are rapidly approaching a future in which nearly everything is digitally connected to nearly everything else. At the same time, we are learning to accept that all digital devices are broken from a security perspective. How we respond and adapt to this reality could well determine whether our future is utopian or dystopian. In In this interactive session, we will explore novel avenues of attack using digital “soft-targets”, and discuss how we might hold things together in the face of persistent vulnerability.

Steve Parker - The Internet of Everything: Cyber-defense in an Age of Ubiquit...

EnergySec

Daniel Lance - What "You've Got Mail" Taught Me About Cyber Security

EnergySec

The NERC CIPv5 deadline is fast approaching, and it’s not too late to be prepared. Join Mark Prince, Manager Operational Technology Fossil, from Entergy, Karl Perman, VP Member Services from EnergySec and Tim Erlin, Director from Tripwire to discuss achieving and maintaining NERC CIPv5 compliance in a fossil generation plant. We’ll cover some of the challenges that Entergy has experienced in their NERC CIPv5 compliance journey. Specifically, we will discuss configuration change management and how to leverage technologies for these requirements and consider what life would be without them.

Lessons Learned For NERC CIPv5 Compliance & Configuration Change Management

EnergySec

Regulated entities should consider the RSAW templates when preparing evidence of compliance with the NERC CIP Standards. There are a number of implicit requirements in CIP v5 which an entity needs to fulfill to be compliant, which are not specifically identified in the actual requirements. In this webinar, our experts will discuss such implicit requirements. Key learning's from this session would be: RSAW format Implicit requirements of CIP RSAWs Leveraging technology for RSAW management

Explore the Implicit Requirements of the NERC CIP RSAWs

EnergySec

Presenter: Daniel Lance, Layered Integration After years of installing wireless sensor networks in homes and businesses we are now faced with a question “How is this all secure? Or is it?” A look into WSN (Wireless Sensor Networks) history and original design concepts that paved the road to us using these in our every day life. This presentation will be a deep dive into wireless and reveal new challenges we have in protecting our perimeter when all of our core monitoring devices are riding a wave into the public space as most industrial control providers look to capitalize on fast installation times and inexpensive adaptive solutions. This research shows us start to finish how anyone with a laptop and SDR (Software Defined Radio) can hack into and take control of WSN’s from outside the front gate. The presentation will demonstrate how a device inside your facility might reveal itself through spectrum analysis than how a hacker might flank the security of the device and own the network with very simple replay attacks that can grant them physical access, and how social engineering pre-installation and post-installation will cause you to disregard warning signs that someone is tampering with the network. A high level understanding of radio is no longer needed for packet analysis with open source tools, proper implementation has never been more important as even a encrypted device can be compromised by the last mile before installation. We will talk about the tools security professionals are lacking from the manufactures of these devices to scan for a compromised device and what can be done in the future to protect WSN’s.

Wireless Sensor Networks: Nothing is Out of Reach

EnergySec

Presenter: Mikael Vingaard, EnergiNet.dk The goal of having a Honeypot (a fake ‘vulnerable’ IT-system/ service) is to learn more about your attackers and the methods they will use to breach your ICS/SCADA systems – but how can the Energy Sector actual benefit from using a Honeypot? The Danish information security researcher, Mikael Vingaard has taken various free open source software to deploy ICS/SCADA Honeypot systems, and will share his experiences from the research and present interesting findings from the collected informations. The talk will be discuss the pros and cons of honeypots, how to use honeypots as an early-warning system and add some interesting points seen from the energy sector of using Honeypot systems. The presentation will showcase that gaining access to actual ICS threat intelligence can be done – even in budget constrained organizations.

Please, Come and Hack my SCADA System!

EnergySec

Presenter: Mike Firstenberg, Waterfall Security Solutions NIST, NERC CIP, the ISA/IEC and other authorities are adjusting their advice for secure industrial networks to include at least one layer of hardware-enforced unidirectional communications. Many security practitioners are familiar with specific applications of Unidirectional Security Gateway technology, but fewer have seen how widely the technology is being deployed throughout the electric sector. Join us to review comprehensive unidirectional network architectures for generation, transmission, distribution, high-voltage substations, and control centers/TSO’s/balancing authorities. In each vertical we review use cases, examine NERC CIP compliance implications and cost savings, and compare the strength of each architecture with legacy firewall-based designs.

Unidirectional Network Architectures

EnergySec

Presenter: Joseph Loomis, Southwest Research Institute (SwRI) Asset Owners face challenges as they strive towards implementing the NERC-CIP V5 requirements. Meeting the requirements often require documentation and technical knowledge of how an asset operates that can only be provided by a Vendor. Vendors, likewise, may be unclear about how the NERC-CIP requirements affect them, and are unsure about how to meet the technical requirements. In this presentation we detail the lessons learned from a recent project where SwRI worked with a Vendor to determine how the requirements apply to them and what the Vendor needs to have to help support an Asset Owner in an audit.

NERC CIP Version 5 and Beyond – Compliance and the Vendor’s Role

EnergySec

Presenter: Patrick Miller, EnergySec (President Emeritis) Innovative and disruptive technologies are enhancing and invading our traditional industrial business model. Future infrastructure organizations will need more data to operate efficiently and succeed in the brave new interconnected world. The diversity of new technologies and data will fuel more diversity in business opportunity. Everyone expects more OT, more IOT, and more IT – and all of it is supposed to be highly reliable and secure. These factors (and more) lead to a landscape shift for the industrial cybersecurity risk profile. In this session, hear ways to recognize the problems and gain some clarity on possible solutions through historic lessons, made up words, and practical front-line experience.

Industrial Technology Trajectory: Running With Scissors

EnergySec

Presenters: Robert Landavazo, PNM Resources and Katherine Brocklehurst, Tripwire With countless hours of work to go, PNM was far from ready for its coming audit in just 18 months. Confidence levels in its existing manual, and incomplete security controls, were at an all-time low; and the visibility into control center environments for quantifying its status and progress towards compliance was immeasurable. With Tripwire, PNM’s preparation of the looming CIPv3 audit noticeably improved. With efficient reporting and automation, PNM’s now positioned to hold itself accountable for CIP auditable compliance of more than 3,500 explicit and supporting control points, satisfying CIP-002-3, CIP-004-3, CIP-005-3, CIP-007-3 and CIP-009-3. In addition, enhanced visibility and better control gave PNM the ability to effectively communicate meaningful and measurable initiatives to executive teams – resulting in increased support for their funding needs. In this session, PNM – New Mexico’s largest electricity provider – will share a case study on its journey towards achieving continuous NERC CIP compliance despite a highly limited headcount, how it saved countless hours of labor-intensive manual effort, and the essential role that automation played in its success.

The Path to Confident Compliance and the Transition to NERC CIP Version 5 – A...

EnergySec

Presenter: David Zahn, PAS Industrial control systems represent the brass ring for hackers who want to disrupt plant operations and negatively impact safety and productivity. The problem for cybersecurity professionals is that plants have highly vulnerable proprietary control systems where configuration data is not visible via standard WMI or SNMP calls. Yet, it is this same configuration data, such as I/O cards, firmware, installed software, and more, that hackers work hard to attain as it aids them in gaining control over industrial systems within plants. As the saying goes, “you can’t manage what you can’t measure.” Taking inventory of this hidden configuration data and doing so for all control assets is difficult. Plants as a result fall short of achieving centralized, automated inventory – a cybersecurity best practice and a necessary precursor to effective change management. So how do you address change management when important security data is kept locked within each vendor’s distributed control systems, programmable logic controllers, and remote terminal units? In this session, we’ll explore the types of inventory data that comprise a best practices cyber security plan. Next, we will dive into cost effective, accurate automation opportunities for inventory discovery and maintenance of heterogeneous proprietary and non-proprietary control assets. Finally, we’ll present a case study for implementing best practices for hardening ICS cyber security and automating management of change. Agenda: Building and Maintaining an Accurate ICS Inventory Best Practices in Inventory Automation Case Study

ICS Cybersecurity: How to Protect the Proprietary Cyber Assets That Hackers C...

EnergySec

Presenter: Damiano Bolzoni, SecurityMatters What if cyber attacks were not the most prominent threat to industrial networks and systems? Although malware is still a major point of interest, the sword of Damocles for industrial networks is represented by insider threats such as system misuse performed by disgruntled employees, contractors and vendors, unintentional operator mistakes, as well as network and system misconfiguration and uncontrolled configuration changes; all this could lead to the divergence or failure of critical processes. In this talk we reshape the concept of ICS security and demonstrate through case studies in different critical infrastructure sectors that the real value of industrial network monitoring goes beyond the detection of cyber attacks, but includes above all the need to maintain awareness about network and process operations, and obtain actionable intelligence that allows to preserve their overall health. We will show how the use of innovative network monitoring approaches can support security, operations, and network managers to: Gain IT visibility of OT networks and full situational awareness of the network and process Detect complex and advanced cyber attacks against industrial networks Mitigate operational mistakes and misconfiguration

Where Cyber Security Meets Operational Value

EnergySec

Presenter: Chris Sistrunk Why haven’t we seen more ICS-focused attacks? Perhaps it’s because we’re not looking for them. The current state of security in Industrial Control Systems is a widely publicized issue, but fixes to ICS security issues are long cycle, with some systems and devices that will unfortunately never have patches available. In this environment, visibility into security threats to ICS is critical, and almost all of ICS monitoring has been focused on compliance, rather than looking for indicators/evidence of compromise. The non-intrusive nature of Network Security Monitoring (NSM) is a perfect fit for ICS. This presentation looks at using NSM as part of an incident response strategy in ICS, various options for implementing NSM, and some of the capabilities that NSM can bring to an ICS cyber security program.

Where Are All The ICS Attacks?

EnergySec

After a brief introduction by Mr. Humphreys, Henry Bailey will talk a few minutes about SAP’s roadmap for utilities. This will be followed by a discussion led by Chris Humphreys about the evolutionary transition from disparate point solutions to enterprise-wide, end-to-end, Regulation Management where controls are consolidated and leveraged such that compliance is a byproduct of industry best practices. Finally, Mr. Rice and Chris Humphreys will end the hour with a presentation expanding on the concept of controls consolidation and compliance as a byproduct focused on NERC CIP Ver 3-5 and NIST transitional capabilities of Regulation Management.

SAP’s Utilities Roadmap Overview, The Evolution of Regulatory Compliance and ...

EnergySec

It’s never too early to start thinking about where the standards are going and where your program should be heading. This presentation will discuss how energy organizations should consider furthering alignment to NIST 800-53 Rev 4; focusing on security maturity opportunities such as threat management; addressing third parties and vendors and developing processes to help satisfy control-based security objectives.

Industry Reliability and Security Standards Working Together

EnergySec

What the Department of Defense and Energy Sector Can Learn from Each Other

EnergySec

Más de EnergySec (20)

Gary Leatherman - A Holistic Approach for Reimagining Cyber Defense

Slide Griffin - Practical Attacks and Mitigations

Patrick Miller - Tackling Tomorrow's Biggest Cybersecurity Problems with Real...

Jack Whitsitt - Yours, Anecdotally

Steve Parker - The Internet of Everything: Cyber-defense in an Age of Ubiquit...

Daniel Lance - What "You've Got Mail" Taught Me About Cyber Security

Lessons Learned For NERC CIPv5 Compliance & Configuration Change Management

Explore the Implicit Requirements of the NERC CIP RSAWs

Wireless Sensor Networks: Nothing is Out of Reach

Please, Come and Hack my SCADA System!

Unidirectional Network Architectures

NERC CIP Version 5 and Beyond – Compliance and the Vendor’s Role

Industrial Technology Trajectory: Running With Scissors

The Path to Confident Compliance and the Transition to NERC CIP Version 5 – A...

ICS Cybersecurity: How to Protect the Proprietary Cyber Assets That Hackers C...

Where Cyber Security Meets Operational Value

Where Are All The ICS Attacks?

SAP’s Utilities Roadmap Overview, The Evolution of Regulatory Compliance and ...

Industry Reliability and Security Standards Working Together

What the Department of Defense and Energy Sector Can Learn from Each Other

Último

When you’re building (micro)services, you have lots of framework options. Spring Boot is no doubt a popular choice. But there’s more! Take Quarkus, a framework that’s considered the rising star for Kubernetes-native Java. It always depends on what's best for your situation, but how to choose the best solution if you're comparing 2 frameworks? Both Spring Boot and Quarkus have their positives and negatives. Let us compare the two by live coding a couple of common use cases in Spring Boot and Quarkus. After this talk, you’ll be ready to get started with Quarkus yourself, and know when to select Quarkus or Spring Boot.

Spring Boot vs Quarkus the ultimate battle - DevoxxUK

Jago de Vreede

Sidekick Solutions uses Bonterra Impact Management (fka Social Solutions Apricot) and automation solutions to integrate data for business workflows. We believe integration and automation are essential to user experience and the promise of efficient work through technology. Automation is the critical ingredient to realizing that full vision. We develop integration products and services for Bonterra Case Management software to support the deployment of automations for a variety of use cases. This video focuses on the deployment of external web forms using Jotform for Bonterra Impact Management. This solution can be customized to your organization’s needs and deployed to support the common use cases below: - Intake and consent - Assessments - Surveys - Applications - Program registration Interested in deploying web form automations for Bonterra Impact Management? Contact us at sales@sidekicksolutionsllc.com to discuss next steps.

Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...

Jeffrey Haguewood

Dubai, known for its towering skyscrapers, luxurious lifestyle, and relentless pursuit of innovation, often finds itself in the global spotlight. However, amidst the glitz and glamour, the emirate faces its own set of challenges, including the occasional threat of flooding. In recent years, Dubai has experienced sporadic but significant floods, disrupting normalcy and posing unique challenges to its infrastructure. Among the critical nodes in this bustling metropolis is the Dubai International Airport, a vital hub connecting the world. This article delves into the intersection of Dubai flood events and the resilience demonstrated by the Dubai International Airport in the face of such challenges.

Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf

Orbitshub

Scaling API-first – The story of a global engineering organization Ian Reasor, Senior Computer Scientist - Adobe Radu Cotescu, Senior Computer Scientist - Adobe Apidays New York 2024: The API Economy in the AI Era (April 30 & May 1, 2024) ------ Check out our conferences at https://www.apidays.global/ Do you want to sponsor or talk at one of our conferences? https://apidays.typeform.com/to/ILJeAaV8 Learn more on APIscene, the global media made by the community for the community: https://www.apiscene.io Explore the API ecosystem with the API Landscape: https://apilandscape.apiscene.io/

Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe

apidays

Following the popularity of "Cloud Revolution: Exploring the New Wave of Serverless Spatial Data," we're thrilled to announce this much-anticipated encore webinar. In this sequel, we'll dive deeper into the Cloud-Native realm by uncovering practical applications and FME support for these new formats, including COGs, COPC, FlatGeoBuf, GeoParquet, STAC, and ZARR. Building on the foundation laid by industry leaders Michelle Roby of Radiant Earth and Chris Holmes of Planet in the first webinar, this second part offers an in-depth look at the real-world application and behind-the-scenes dynamics of these cutting-edge formats. We will spotlight specific use-cases and workflows, showcasing their efficiency and relevance in practical scenarios. Discover the vast possibilities each format holds, highlighted through detailed discussions and demonstrations. Our expert speakers will dissect the key aspects and provide critical takeaways for effective use, ensuring attendees leave with a thorough understanding of how to apply these formats in their own projects. Elevate your understanding of how FME supports these cutting-edge technologies, enhancing your ability to manage, share, and analyze spatial data. Whether you're building on knowledge from our initial session or are new to the serverless spatial data landscape, this webinar is your gateway to mastering cloud-native formats in your workflows.

Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME

Safe Software

presentation ICT roal in 21st century education

jfdjdjcjdnsjd

[BuildWithAI] Introduction to Gemini.pdf

Sandro Moreira

In the thrilling conclusion to 2023, ransomware groups had a banner year, really outdoing themselves in the "make everyone's life miserable" department. LockBit 3.0 took gold in the hacking olympics, followed by the plucky upstarts Clop and ALPHV/BlackCat. Apparently, 48% of organizations were feeling left out and decided to get in on the cyber attack action. Business services won the "most likely to get digitally mugged" award, with education and retail nipping at their heels. Hackers expanded their repertoire beyond boring old encryption to the much more exciting world of extortion. The US, UK and Canada took top honors in the "countries most likely to pay up" category. Bitcoins were the currency of choice for discerning hackers, because who doesn't love untraceable money?

Ransomware_Q4_2023. The report. [EN].pdf

Overkill Security

The action of the next cyber saga takes place in the mystical lands of the Asia-Pacific region, where the main characters began their digital activities in the middle of 2021 and qualitatively strengthened it in 2022. Corporate espionage, document theft, audio recordings, and data leaks from messaging platforms were all a matter of one day for Dark Pink. Their geographical focus may have started in the Asia-Pacific region, but their ambitions knew no bounds, targeting a European government ministry in a bold move to expand their portfolio. Their victim profile was as diverse as a UN meeting, targeting military organizations, government agencies, and even a religious organization. Because discrimination is not a fashionable agenda. In the world of cybercrime, they serve as a reminder that sometimes the most serious threats come in the most unassuming packages with a pink bow.

Cyberprint. Dark Pink Apt Group [EN].pdf

Overkill Security

Architecting Cloud Native Applications

WSO2

Passkeys: Developing APIs to enable passwordless authentication Cody Salas, Sr Developer Advocate | Solutions Architect - Yubico Apidays New York 2024: The API Economy in the AI Era (April 30 & May 1, 2024) ------ Check out our conferences at https://www.apidays.global/ Do you want to sponsor or talk at one of our conferences? https://apidays.typeform.com/to/ILJeAaV8 Learn more on APIscene, the global media made by the community for the community: https://www.apiscene.io Explore the API ecosystem with the API Landscape: https://apilandscape.apiscene.io/

Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...

apidays

DBX First Quarter 2024 Investor Presentation

Dropbox

Dubai, often portrayed as a shimmering oasis in the desert, faces its own set of challenges, including the occasional threat of flooding. Despite its reputation for opulence and modernity, the emirate is not immune to the forces of nature. In recent years, Dubai has experienced sporadic but significant floods, testing the resilience of its infrastructure and communities. Among the critical lifelines in this bustling metropolis is the Dubai International Airport, a bustling hub that connects the city to the world. This article explores the intersection of Dubai flood events and the resilience demonstrated by the Dubai International Airport in the face of such challenges.

Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...

Orbitshub

Effective data discovery is crucial for maintaining compliance and mitigating risks in today's rapidly evolving privacy landscape. However, traditional manual approaches often struggle to keep pace with the growing volume and complexity of data. Join us for an insightful webinar where industry leaders from TrustArc and Privya will share their expertise on leveraging AI-powered solutions to revolutionize data discovery. You'll learn how to: - Effortlessly maintain a comprehensive, up-to-date data inventory - Harness code scanning insights to gain complete visibility into data flows leveraging the advantages of code scanning over DB scanning - Simplify compliance by leveraging Privya's integration with TrustArc - Implement proven strategies to mitigate third-party risks Our panel of experts will discuss real-world case studies and share practical strategies for overcoming common data discovery challenges. They'll also explore the latest trends and innovations in AI-driven data management, and how these technologies can help organizations stay ahead of the curve in an ever-changing privacy landscape.

TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery

TrustArc

Boost Fertility New Invention Ups Success Rates.pdf

sudhanshuwaghmare1

AXA XL - Insurer Innovation Award Americas 2024

The Digital Insurer

Exploring Multimodal Embeddings with Milvus

Zilliz

Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving

Edi Saputra

Following the popularity of “Cloud Revolution: Exploring the New Wave of Serverless Spatial Data,” we’re thrilled to announce this much-anticipated encore webinar. In this sequel, we’ll dive deeper into the Cloud-Native realm by uncovering practical applications and FME support for these new formats, including COGs, COPC, FlatGeoBuf, GeoParquet, STAC, and ZARR. Building on the foundation laid by industry leaders Michelle Roby of Radiant Earth and Chris Holmes of Planet in the first webinar, this second part offers an in-depth look at the real-world application and behind-the-scenes dynamics of these cutting-edge formats. We will spotlight specific use-cases and workflows, showcasing their efficiency and relevance in practical scenarios. Discover the vast possibilities each format holds, highlighted through detailed discussions and demonstrations. Our expert speakers will dissect the key aspects and provide critical takeaways for effective use, ensuring attendees leave with a thorough understanding of how to apply these formats in their own projects. Elevate your understanding of how FME supports these cutting-edge technologies, enhancing your ability to manage, share, and analyze spatial data. Whether you’re building on knowledge from our initial session or are new to the serverless spatial data landscape, this webinar is your gateway to mastering cloud-native formats in your workflows.

Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME

Safe Software

Artificial Intelligence Chap.5 : Uncertainty

Khushali Kathiriya

Security Updates Matter: Exploitation for Beginners

1. Security Updates Ma0er Exploita5on for Beginners William Whitney III

2. Who am I? •  William Whitney III – Alphabet Soup •  Electronics and PLC’s •  Power system engineering •  IT/EMS/SCADA Opera5ons/Security/ Compliance •  Enjoy finding and fixing business/technical process flaws •  I am a researcher at heart

3. Who I Work For •  Garland Power & Light / City of Garland –  Municipality started in 1923 –  68,000 residen5al customers with a peak load of 492MW –  Genera5on – 640 MW, gas and coal ﬁred –  Transmission – 29 substa5ons and 133 miles of lines –  Distribu5on – 2007 miles of overhead and underground lines –  TMPA adds many miles of lines and sta5ons •  College Sta5on to Denton TX

4. Who Are You? Control System Engineers IT Professionals Compliance/Legal

5. What People Think We Do

6. What We Think We Do

7. What We Really Do FACEBOOK

8. Patch Your Systems NOW! •  Why? –  Fix bugs – not ants, grasshoppers, etc –  Protect systems from being breached –  Be0er func5onality? Some5mes……….

9. Prove it FUD Man!!! •  Live Demo of what can happen if not patched –  It takes 5me and resources to plan and act on patching systems for the many updates that are available –  It only takes one missing patch for someone to P0wn your system (yes, thats hacker speak) •  Anyone can do it today with the tools freely available on the internet •  Verizon Data Breach report stated 97% of breaches could have been avoided through simple or intermediate controls such as patching, password complexity, etc.

10. What to do? •  Patch your devices; All of them! Windows, Linux, Java, Adobe, RTU’s, and network devices ASAP! •  Most important is to show FERCing NERC TFE love; install an5virus on printers, network devices, and your toaster!!!

11. Ques5ons / Comments

12. William Whitney III Cyber Security & Compliance Manager Garland Power & Light / City of Garland williamw@gplops.org 972-‐205-‐3080

Security Updates Matter: Exploitation for Beginners

Recomendados

Recomendados

Más contenido relacionado

La actualidad más candente

La actualidad más candente (20)

Destacado

Destacado (20)

Similar a Security Updates Matter: Exploitation for Beginners

Similar a Security Updates Matter: Exploitation for Beginners (20)

Más de EnergySec

Más de EnergySec (20)

Último

Último (20)

Security Updates Matter: Exploitation for Beginners