Practical Cyber Defense
DESCRIPTION
This presentation was given at the CIISF Conference - "Cyber threat to opportunity: protecting your business in a changing world" held in Jersey on 30th May 2014.
TRANSCRIPT
Practical CyberDefense
By Paul Dutot
About me
● Co Founder of the CIISF
● Employed as an Ethical Security Consultant @ Logicalis Jersey
● Practice Offensive & Defensive Security for businesses at all verticals
Agenda
● Concepts I and II
● Reverse & Bind Shells Demo
● Stages 1-5 of a practical Cyber Defense with more demos
● Resources
Questions at the end please
Concepts I
“Attackers have months to prepare, defenders have minutes to react”
“This is not a security control !!!!”
vs
Concepts II
“Security is a journey”
“What are the bad guys trying to achieve?”
Reverse & Bind Shells
Demo
Stage 1 – Buy In
● Appoint a 'Cyber' champion
● 'C' level Buy In
● Maintain a 'Cyber' risk register
● Do Security Awareness
Stage 2 - Reconnaissance
Some Forgotten Ones
Demo
Reconnaissance Aims
● To profile your organisation
● In preparation for social engineering attacks and/or email phishing
Reconnaissance - Mitigation
● Undertake reconnaissance to find public information
● Mitigate risk by takedown and creating contrary information
● Test your defenses and train your users
Phishing is a big deal !!!
Stage 3 – Understanding AV
Is AV really protecting us - the case for and against
Stage 3 – AV Bypass
Demo - The case against
Stage 3 – The case for
We still need AV to protect us !
Stage 4 – Think outside the box
● Databases – They are the end game
● Web applications – OWASP Top 10
● UC Communications – TDoS / Toll Fraud
● Data Encryption – Laptops / Desktops / Databases
Stage 5 – It's not if but when
SIEM – Security, Information & Event Monitoring
Stage 5 – SIEM
OSSIM SIEM – Free open Source SIEM Demo
Resources
Florida State
● http://www.cs.fsu.edu/~redwood/OffensiveSecurity/
SANS Institute
● http://www.sans.org/critical-security-controls/controls/
OWASP Top 10 - 2013
● https://www.owasp.org/index.php/Top_10_2013-Top_10
Thank you – Any Questions?
Blog – http://cyberkryption.com
@cyberkryption