centre for cyber security
play

Centre for Cyber Security Thomas Kristmar Centre for Cyber Security - PowerPoint PPT Presentation

Apr 01, 2023 •260 likes •455 views

Centre for Cyber Security Thomas Kristmar Centre for Cyber Security Danish Defence Intelligence Service 05-10-2015 05-10-2015 Who are we? Centre for Cyber Security In respect of the Rule of Law and Privacy Cyber is a priority (Gov.

  1. Centre for Cyber Security Thomas Kristmar Centre for Cyber Security Danish Defence Intelligence Service

  2. 05-10-2015

  3. 05-10-2015

  4. Who are we? Centre for Cyber Security  In respect of the Rule of Law and Privacy – Cyber is a priority (Gov. Declaration, Oct 2011)  National Centre of excellence in Cyber Security  DK Defence Intelligence Service 5. oktober 2015 4

  5.  SDLC - Theory

  6.  Actual SDLC Too costly Ship & Fix in Requirements /too late future release

  7. Example – SSL certificates 5. oktober 2015 7

  8. Example Directory Traversal 05-10-2015

  9. “Those who don't know history are doomed to repeat it.” 05-10-2015

  10. Societal Impact 05-10-2015

  11. Risk  Know your code http://cynosureprime.blogspot.dk/2015/09/ how-we-cracked-millions-of-ashley.html 05-10-2015

  12. Risk  Know your code http://qz.com/501073/the-top-100-passwords-on-ashley- madison/ Password Number of users 123456 120511 12345 48452 password 39448 DEFAULT 34275 123456789 26620 qwerty 20778  XcodeGhost http://researchcenter.paloaltonetworks.com/2015/09/novel-malware-xcodeghost-modifies- xcode-infects-apple-ios-apps-and-hits-app-store/ 05-10-2015

  13. Risk  Don’t implement your own crypto  Pixie Dust Attacks (flaw in three implementations of WPS)  https://docs.google.com/spreadsheets/d/1tSl bqVQ59kGn8hgmwcPTHUECQ3o9YhXR91A_p 7Nnj5Y/edit?pli=1#gid=2048815923  And pls. don’t hardcode passwords  CVE-2014-0329 :DSL routers contain hardcoded password 05-10-2015

  14. Risk  Open source isn’t secure by default CVE-2014-0160 CVE-2014-6271 05-10-2015

  15. Lessons Learned  Know your code AND be able to update  Don’t implement your own crypto  Open source isn’t secure by default  Read OWASP / SDLC AND do threat modeling 05-10-2015

  16. Thank you for your attention 05-10-2015

  17. 05-10-2015

  18. 05-10-2015

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Cyber Security Risk Using the Cyber Security Measurement Framework Cyber Security Framework

Cyber Security Risk Using the Cyber Security Measurement Framework Cyber Security Framework

Cyber Security Risk Using the Cyber Security Measurement Framework Cyber Security Framework Reporting Objectives Executive Summary Information Assess Current Cyber Security Posture Measure Progress Toward Improvement Assess

634 views • 5 slides
Cyber Security in Mining Automation Ragnar Schierholz, Head of Cyber Security, Industrial

Cyber Security in Mining Automation Ragnar Schierholz, Head of Cyber Security, Industrial

ABB MINING USER CONFERENCE, MAY 02-05, 2017 Cyber Security in Mining Automation Ragnar Schierholz, Head of Cyber Security, Industrial Automation Division Agenda Why worry about cyber security? ABBs approach to cyber security Cyber security

1.07k views • 39 slides
Web Security Cyber Security Lab Spring '10 04/15/10 Cyber Security Lab 1 Outline Web

Web Security Cyber Security Lab Spring '10 04/15/10 Cyber Security Lab 1 Outline Web

Web Security Cyber Security Lab Spring '10 04/15/10 Cyber Security Lab 1 Outline Web application weaknesses XSS AJAX weaknesses SQL Injection Attacks (Slides from Lars Olson)

588 views • 41 slides
Cyber Security Maintaining Your Identity on the Net Why Cyber Security? There are three

Cyber Security Maintaining Your Identity on the Net Why Cyber Security? There are three

Cyber Security Maintaining Your Identity on the Net Why Cyber Security? There are three points of failure in any secure network: Technology (hardware and software) Technology Support (ITS) End Users (USD students and employees)

359 views • 23 slides
Route map of our journey this evening Ciphers - coming of age The Enigma Machine Poles

Route map of our journey this evening Ciphers - coming of age The Enigma Machine Poles

Breaking Enigma & the U-boat Codes and the Legacy of Alan Turing Tuesday 17th April 2012 Professor David Stupples Centre for Cyber Security Sciences Centre for Cyber Security Sciences Route map of our journey this evening Ciphers -

711 views • 36 slides
CYBER SECURITY PROTECTING AGAINST CYBER FRAUD IN SCALEUP COMPANIES AND WHAT TO DO SHOULD THEY

CYBER SECURITY PROTECTING AGAINST CYBER FRAUD IN SCALEUP COMPANIES AND WHAT TO DO SHOULD THEY

CYBER SECURITY PROTECTING AGAINST CYBER FRAUD IN SCALEUP COMPANIES AND WHAT TO DO SHOULD THEY HAPPEN London June 2019 INTRODUCTION Cyber Security The activity or process, ability or capability, or state whereby information and

735 views • 24 slides
ICSS2015: International Cyber Security Strategy Congress: Cyber Security and Forensic Readiness* *

ICSS2015: International Cyber Security Strategy Congress: Cyber Security and Forensic Readiness* *

ICSS2015: International Cyber Security Strategy Congress: Cyber Security and Forensic Readiness* * Preliminary programme, subject to revision/update status 16 December 2014 4 February 2015 Day 1: Cyber Security Readiness Registration KU

306 views • 4 slides
Homeland Security Perspectives: Cyber Security Partnerships and Measurement Activities Bradford

Homeland Security Perspectives: Cyber Security Partnerships and Measurement Activities Bradford

16 Oct 2012 Homeland Security Perspectives: Cyber Security Partnerships and Measurement Activities Bradford Willke Cyber Security Advisor, MidAtlantic Region National Cyber Security Division (NCSD) Office of Cybersecurity and Communications

443 views • 20 slides
Cyber security Current challenges Ludovic M, septembre 2019 Cyber security ? Three triptychs !

Cyber security Current challenges Ludovic M, septembre 2019 Cyber security ? Three triptychs !

Cyber security Current challenges Ludovic M, septembre 2019 Cyber security ? Three triptychs ! 3 properties ... Confidentiality (including personal data) Integrity Availability 2 -Sminaire LIRIMA: Cyber security: current

876 views • 64 slides
2018 Legislative Ag Chairs Summit Cyber Security Geoff Jenista, CISSP Cyber Security Advisor,

2018 Legislative Ag Chairs Summit Cyber Security Geoff Jenista, CISSP Cyber Security Advisor,

2018 Legislative Ag Chairs Summit Cyber Security Geoff Jenista, CISSP Cyber Security Advisor, Region VII Office of Cybersecurity and Communications (CS&C) National Protection and Programs Directorate (NPPD) FOUO / UNCLASS Cyber Security

333 views • 12 slides
CIP 101 Training CIP-007-3a Cyber Security System Security Management Overview September

CIP 101 Training CIP-007-3a Cyber Security System Security Management Overview September

Eric Weston Wally Magda, CISSP, PSP, CISA Compliance Auditor, Cyber Compliance Auditor, Cyber Security Security CIP 101 Training CIP-007-3a Cyber Security System Security Management Overview September 24-25, 2013 Salt Lake City, UT No

2.02k views • 198 slides
CYBER SECURITY Nick Kervin Partner, IT Advisory August 2017 Page 1 CYBER SECURITY Overview

CYBER SECURITY Nick Kervin Partner, IT Advisory August 2017 Page 1 CYBER SECURITY Overview

CYBER SECURITY Nick Kervin Partner, IT Advisory August 2017 Page 1 CYBER SECURITY Overview 1. What is at risk? 2. Global industry trends 3. BDO/AusCERT survey 4. Recent cyber case studies 5. Cyber risk mitigation strategies Page

481 views • 35 slides
Healthy Approach to Cyber Security : For data-intensive healthcare, cyber security is integral to

Healthy Approach to Cyber Security : For data-intensive healthcare, cyber security is integral to

1 Healthy Approach to Cyber Security : For data-intensive healthcare, cyber security is integral to innovation Sallie Sweeney KPMG The healthcare industrys evolution toward a true value based system, assuming responsibility for complex

797 views • 10 slides
Nationwide Cyber Situational Awareness Framework for Critical In Infrastructures Hayretdin

Nationwide Cyber Situational Awareness Framework for Critical In Infrastructures Hayretdin

A A Conceptual Nationwide Cyber Situational Awareness Framework for Critical In Infrastructures Hayretdin Bahi , Olaf Manuel Maennel Centre For Digital Forensics and Cyber Security Tallinn University of Technology Evolvement of Cyber

470 views • 13 slides
Security Testing Checking for what shouldnt happen Azqa Nadeem PhD Student @ Cyber Security

Security Testing Checking for what shouldnt happen Azqa Nadeem PhD Student @ Cyber Security

Security Testing Checking for what shouldnt happen Azqa Nadeem PhD Student @ Cyber Security Group The Cyber Security lecture series 1 Agenda for today Part I Latest security news Security vulnerabilities in Java

2.02k views • 185 slides
Cyber Security Information Sharing Oscar Serrano NCI Agency Cyber Security Service Line

Cyber Security Information Sharing Oscar Serrano NCI Agency Cyber Security Service Line

Cyber Security Information Sharing Oscar Serrano NCI Agency Cyber Security Service Line DeepSec 2014, Vienna, 21 November 2014 NATO UNCLASSIFIED Cyber Security In NATO NATO in a nutshell: Collective defence Interoperable

666 views • 42 slides
Lessons Learned In Smart Grid Cybersecurity Chris Blask Chair ICS-ISAC TCIPG Workshop, October

Lessons Learned In Smart Grid Cybersecurity Chris Blask Chair ICS-ISAC TCIPG Workshop, October

Lessons Learned In Smart Grid Cybersecurity Chris Blask Chair ICS-ISAC TCIPG Workshop, October 30, 2012 Cyberwar Hits Energy Firms Escalating from Interruption to Destruction Iranian nuclear program: Stuxnet destroys 1,000+

253 views • 12 slides
Cyberwar http://wiki.ucalgary.ca/page/Courses/Computer_Science/ CPSC_601.65.Cyberwar.F2012 What

Cyberwar http://wiki.ucalgary.ca/page/Courses/Computer_Science/ CPSC_601.65.Cyberwar.F2012 What

Cyberwar http://wiki.ucalgary.ca/page/Courses/Computer_Science/ CPSC_601.65.Cyberwar.F2012 What is war? State of armed conflict between states or societies. It is generally characterized by extreme aggression, destruction, and mortality,

570 views • 14 slides
Cyber@UC Meeting 84 SQL Injection If Youre New! Join our Slack: cyberatuc.slack.com Check

Cyber@UC Meeting 84 SQL Injection If Youre New! Join our Slack: cyberatuc.slack.com Check

Cyber@UC Meeting 84 SQL Injection If Youre New! Join our Slack: cyberatuc.slack.com Check out our website: cyberatuc.org Organization Resources on our Wiki: wiki.cyberatuc.org SIGN IN! (Slackbot will post the link in

435 views • 10 slides
ITEC 2020 Introduction to BMT Formed in 1985 through Engineering, Employee Benefit Heritage

ITEC 2020 Introduction to BMT Formed in 1985 through Engineering, Employee Benefit Heritage

The Potential for Space Operations & Training using Virtual and Augmented Reality ITEC 2020 Introduction to BMT Formed in 1985 through Engineering, Employee Benefit Heritage of research United Kingdom Government design and risk Trust

415 views • 17 slides
? ? ? of maximal independent subsets of A . ? Examples of matroids: E is a family

? ? ? of maximal independent subsets of A . ? Examples of matroids: E is a family

Slide 1 Slide 3 Codes Finite geometry and permutation groups: An [ n , k ] code over GF ( q ) is a k -dimensional sub- space of GF ( q ) n . Its elements are called codewords . some polynomial links The weight wt ( v ) of v is the number of

421 views • 4 slides
An optimized subspace iteration eigensolver applied to sequences of dense eigenproblems in ab

An optimized subspace iteration eigensolver applied to sequences of dense eigenproblems in ab

Mitglied der Helmholtz-Gemeinschaft An optimized subspace iteration eigensolver applied to sequences of dense eigenproblems in ab initio simulations PMAA14, Lugano, Switzerland. July 4th E. Di Napoli and M. Berljafa Motivation: electronic

539 views • 37 slides
Unicyclic strong permutations Claude Gravel (Universit e de Montr eal) Daniel Panario

Unicyclic strong permutations Claude Gravel (Universit e de Montr eal) Daniel Panario

Unicyclic strong permutations Claude Gravel (Universit e de Montr eal) Daniel Panario (Carleton University) David Thomson (Carleton University) Tuesday, June 19 th , and Wednesday, 20 th , 2018 The 3 rd International Workshop on B oolean

820 views • 61 slides
AN INTRODUCTION TO THE MASLOV INDEX IN SYMPLECTIC TOPOLOGY Andrew Ranicki and Daniele Sepe

AN INTRODUCTION TO THE MASLOV INDEX IN SYMPLECTIC TOPOLOGY Andrew Ranicki and Daniele Sepe

1 AN INTRODUCTION TO THE MASLOV INDEX IN SYMPLECTIC TOPOLOGY Andrew Ranicki and Daniele Sepe (Edinburgh) http://www.maths.ed.ac.uk/ aar Maslov index seminar, 9 November 2009 2 The 1-dimensional Lagrangians Definition (i) Let R 2 have

429 views • 31 slides

More recommend