cybersecurity
play

CYBERSECURITY Situational awareness Franois Thill, Director - PowerPoint PPT Presentation

Mar 07, 2024 •205 likes •427 views

CYBERSECURITY Situational awareness Franois Thill, Director Cybersecurity, Ministry of the economy Agenda The actual situation Strategy of the ministry Risk management a common language Some good practice examples 2 The

  1. CYBERSECURITY Situational awareness François Thill, Director Cybersecurity, Ministry of the economy

  2. Agenda • The actual situation • Strategy of the ministry • Risk management – a common language • Some good practice examples 2

  3. The actual situation … threats are mature – we are too, aren‘t we? 3

  4. Convergence of technologies Convergence • Towards a „monoculture“ of systems • Everything is connected http://www.geneticliteracyproject.org

  5. Vulnerabilities Vulnerabilities • „Zero - Day“ • Human vulnerabilities (I love you) Photos by Justin Baeder and Ricardo Martins

  6. Development of the threat landscape (LU) Threat actors are mature, highly skilled, with deep pockets • 55% crime • 40% espionage • 5% activism Michael Surran : http://commons.wikimedia.org/wiki/File:Boy_with_Commodore_Vic_20_%281984%29.jpg

  7. Subcontractors Subcontractors • Service quality of subcontractors (who will you call) Jordy Meow: Gunkanjima. A view from the school.

  8. It is not an individual challenge Stop fighting alone – it is a societal challenge! • We need skills • We need to reduce costs and complexity • We need to work together and share Rootology: Rowboat with oars and two passengers.

  9. Strategy of the ministry … Security for all, together ! 9

  10. Strategy of the ministry • Democratization of security • Manage risks • Identify synergies • mutualize • cooperate • Reduction of compliance efforts Photo: Alexandre Dulaunoy

  11. Risk management makes it possible Principle of proportionality and necessity

  12. Risik management must Deliver reliable results

  13. Risik management must Deliver comparable results Photo: Ionutzmovie

  14. Risik management must Be repeatable

  15. Risk Management – the common language Definition of scope Definition of risk appetite Definition of primary assets and criticality Identification of secondary assets Identification of asset’s vulnerabilities Identification of threats exploiting asset’s vulns Estimation and evaluation of risk Risk reduction , avoidance , extern., acceptance Risk = Impact x Threat x Vulnerability

  16. Good practice • CASES : Risk Management • CIRCL : MISP & AIL • C3 : Room 42 and so much more

  17. Good practice - CASES • Risk management based upon fobjective metrics Creation of comparable results •

  18. Good practice - CIRCL • MISP – Malware Information Sharing Platform

  19. Good practice - CIRCL • AIL – Analysis of Information Leaks

  20. Good practice – C3 Room 42

  21. Thank you - François Thill • www.securitymadein.lu • www.cases.lu • www.circl.lu • https://monarc.lu • CIRCL : MISP & AIL • C3 : Room 42 und soviel mehr

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

U.S. National U.S. National Why are we talking about Cybersecurity Cybersecurity

U.S. National U.S. National Why are we talking about Cybersecurity Cybersecurity

U.S. National U.S. National Why are we talking about Cybersecurity Cybersecurity cybersecurity? William J. Perry Martin Casado Keith Coleman Dan Wendlandt MS&E 91SI Spring 2004 Stanford University U.S. National Cybersecurity

79 views • 7 slides
Presented by: Islanders Bank Cybersecurity Awareness Cybersecurity Awareness Objectives:

Presented by: Islanders Bank Cybersecurity Awareness Cybersecurity Awareness Objectives:

Presented by: Islanders Bank Cybersecurity Awareness Cybersecurity Awareness Objectives: Define Cybersecurity & why its important Provide information about Dept. Homeland Security Cybersecurity Campaigns: National

328 views • 22 slides
Cybersecurity A presentation to the National Association of Black Accountants Cleveland

Cybersecurity A presentation to the National Association of Black Accountants Cleveland

Cybersecurity A presentation to the National Association of Black Accountants Cleveland Chapter Contents Cybersecurity and risk management 1 Cybersecurity and the regulatory 2 environment Cybersecurity and the audit 3 4 Appendix

685 views • 37 slides
KACo Cybersecurity Training KACo Cybersecurity Training Cybersecurity Threats Phishing

KACo Cybersecurity Training KACo Cybersecurity Training Cybersecurity Threats Phishing

7/17/2020 KACo Cybersecurity Training KACo Cybersecurity Training Cybersecurity Threats Phishing Attacks Malware/Ransomware Hacking Imposter Scams 1 7/17/2020 KACo Cybersecurity Training BEWARE OF Phishing Phishing attacks

248 views • 6 slides
Formal Methods and CyberSecurity James Davenport University of Bath Former Fulbright

Formal Methods and CyberSecurity James Davenport University of Bath Former Fulbright

Formal Methods and CyberSecurity James Davenport University of Bath Former Fulbright CyberSecurity Scholar 4 September 2019 James Davenport Formal Methods and CyberSecurity CyberSecurity CyberSecurity failures abound: tens daily in the

212 views • 19 slides
Formal Methods and CyberSecurity James Davenport University of Bath Former Fulbright

Formal Methods and CyberSecurity James Davenport University of Bath Former Fulbright

Formal Methods and CyberSecurity James Davenport University of Bath Former Fulbright CyberSecurity Scholar 4 September 2018 James Davenport Formal Methods and CyberSecurity CyberSecurity CyberSecurity failures abound: tens daily in the

325 views • 18 slides
ITU Mandate and Activities ITU Mandate and Activities Related to Cybersecurity Cybersecurity

ITU Mandate and Activities ITU Mandate and Activities Related to Cybersecurity Cybersecurity

ITU Mandate and Activities ITU Mandate and Activities Related to Cybersecurity Cybersecurity Related to Subregional Seminar on Cybersecurity for Information and Communication Networks 21 June 2005 Lima, Peru Christine Sund Christine Sund

921 views • 48 slides
Being Strategic about Cybersecurity Regional Cybersecurity Forum, 29-30 Nov 2016, Grand Hotel

Being Strategic about Cybersecurity Regional Cybersecurity Forum, 29-30 Nov 2016, Grand Hotel

Being Strategic about Cybersecurity Regional Cybersecurity Forum, 29-30 Nov 2016, Grand Hotel Sofia, Bulgaria Mr. Joaqun Castelln , Operational Director Spanish National Security Department Ms. Anita TIKOS , Desk Officer for International

197 views • 15 slides
EU in action about cybersecurity NIS Directive 5G Cybersecurity Act GDPR Contractual ISACs

EU in action about cybersecurity NIS Directive 5G Cybersecurity Act GDPR Contractual ISACs

EU Cybersecurity European policy overview e-IRG e-IRG 4 December 2019 Brussels Anni Hellman, Senior Expert, Permanent Representation of Finland to the European Union Seconded for the Finnish Presidency from the Directorate General

320 views • 28 slides
MAYASEVENs Hacking Diary Who are we? Nop Phoomthaisong MAYASEVEN Team Cybersecurity

MAYASEVENs Hacking Diary Who are we? Nop Phoomthaisong MAYASEVEN Team Cybersecurity

MAYASEVENs Hacking Diary Who are we? Nop Phoomthaisong MAYASEVEN Team Cybersecurity Consultants, The Cybersecurity Expert Guys Cybersecurity Researcher 2 Agenda 1. Account Takeover via Forgot Password Function 2. Amazon S3

2.36k views • 75 slides
Cybersecurity Today CYBERSECURITY IN TODAYS WORLD Cyberattacks in Wyoming Medical

Cybersecurity Today CYBERSECURITY IN TODAYS WORLD Cyberattacks in Wyoming Medical

Cybersecurity Today CYBERSECURITY IN TODAYS WORLD Cyberattacks in Wyoming Medical Facilities Local Government Schools Law Enforcement Media Outlets The threat and how to think about it Ransomware has rapidly emerged as the most

398 views • 15 slides
INTRODUCTION Institute 12/10/2018 1 OBJECTIVES Current cybersecurity statistics and

INTRODUCTION Institute 12/10/2018 1 OBJECTIVES Current cybersecurity statistics and

Section 1 Dr. Bruce Burton California Cybersecurity INTRODUCTION Institute 12/10/2018 1 OBJECTIVES Current cybersecurity statistics and implications Learn from past attacks Understand the NIST Cybersecurity Framework (CSF) &

368 views • 33 slides
Cybersecurity and the AICPA Cybersecurity Attestation Project Chris Halterman Executive

Cybersecurity and the AICPA Cybersecurity Attestation Project Chris Halterman Executive

Cybersecurity and the AICPA Cybersecurity Attestation Project Chris Halterman Executive Director EY Chair AICPA Trust Information Integrity Task Force Agenda Item 8-D IAASB Meeting, September 21-25, 2015 New York, USA Page 1 Increasing

444 views • 17 slides
Internet and CyberSecurity 101 U.S. National Cybersecurity, 10/5/06 presented by: Martin Casado

Internet and CyberSecurity 101 U.S. National Cybersecurity, 10/5/06 presented by: Martin Casado

Internet and CyberSecurity 101 U.S. National Cybersecurity, 10/5/06 presented by: Martin Casado Network vs. Internet a network is a system of computers that talk over some communication medium: phone line (analogue modem, DSL), cable,

957 views • 47 slides
CYBERSECURITY @ STEVENS CYBERSECURITY@STEVENS THE WORLD IS A DANGEROUS AND COSTLY PLACE

CYBERSECURITY @ STEVENS CYBERSECURITY@STEVENS THE WORLD IS A DANGEROUS AND COSTLY PLACE

GIUSEPPE ATENIESE FARBER CHAIR AND CS DEPT CHAIR CYBERSECURITY @ STEVENS CYBERSECURITY@STEVENS THE WORLD IS A DANGEROUS AND COSTLY PLACE According to insurance company Lloyds, cyberattacks cost businesses $400 billion a year A

123 views • 9 slides
Managing Cybersecurity & Safety Risk CTO, Industrial Cybersecurity CRO, TV Rheinland 2mc

Managing Cybersecurity & Safety Risk CTO, Industrial Cybersecurity CRO, TV Rheinland 2mc

Nigel Stanley MSc CEng FIET MIEEE Anthony Dickinson BSc MBA Managing Cybersecurity & Safety Risk CTO, Industrial Cybersecurity CRO, TV Rheinland 2mc In the Aluminium Industry nigel.stanley@us.tuv.com adickinson@2mc.co Building Cyber

405 views • 12 slides
CSC304 Lecture 22 CSC304 - Nisarg Shah 1 BUT FIRST Course Evaluation Low response rate

CSC304 Lecture 22 CSC304 - Nisarg Shah 1 BUT FIRST Course Evaluation Low response rate

CSC304 Lecture 22 CSC304 - Nisarg Shah 1 BUT FIRST Course Evaluation Low response rate CSC304 - Nisarg Shah 2 Complete your course evaluations Check your e-mail for a link to your evaluations, or log-in to www.portal.utoronto.ca and

321 views • 13 slides
Argument Evaluation Based on Proportionality Marcin Selinger Department of Logic and Methodology

Argument Evaluation Based on Proportionality Marcin Selinger Department of Logic and Methodology

Argument Evaluation Based on Proportionality Marcin Selinger Department of Logic and Methodology of Sciences University of Wrocaw Argument Strength Ruhr University, Bochum 2016 The strength of structured arguments I. Syntax II. Evaluation

480 views • 30 slides
Philadelphia Intellectual Property Law Association Hot Topics in Trademark Practice Lydia Belzer

Philadelphia Intellectual Property Law Association Hot Topics in Trademark Practice Lydia Belzer

Philadelphia Intellectual Property Law Association Hot Topics in Trademark Practice Lydia Belzer USPTO Glenn Gundersen Dechert Dionne Heard Volpe & Koenig Hae Park-Suk Nixon & Vanderhye | U.S. Trademark Applications (calendar year) U.S.

733 views • 9 slides
Fostering Peer Support to Address Behavioral Health Needs Among Older Adults May 14, 2019

Fostering Peer Support to Address Behavioral Health Needs Among Older Adults May 14, 2019

Fostering Peer Support to Address Behavioral Health Needs Among Older Adults May 14, 2019 Cynthia Zubritsky, PhD, Center for Mental Health Policy and Services Research, Perelman School of Medicine Dan OBrien-Mazza, Veterans Health

917 views • 63 slides
Group Health Insurance Benefit Options for Nonprofits Welcome! Margie Siegel Association Health

Group Health Insurance Benefit Options for Nonprofits Welcome! Margie Siegel Association Health

Group Health Insurance Benefit Options for Nonprofits Welcome! Margie Siegel Association Health Plan Team Lead MN Council of Nonprofits Jack Duffy Benefits Consultant Gallagher Objectives for Today Background Approval & Launch Plan

336 views • 32 slides
Status of the Health Insurance Project for Users Pierre Bonnal Doris Chromek-Burckhart Risk

Status of the Health Insurance Project for Users Pierre Bonnal Doris Chromek-Burckhart Risk

Status of the Health Insurance Project for Users Pierre Bonnal Doris Chromek-Burckhart Risk & Insurance Manager Head of CERN Users Office CERN DG-DI CERN PH-AGS-UO 102 nd ACCU Meeting 4 th December 2013 Previous Milestones ACCU #98

247 views • 6 slides
Practice in analysis of multistate R allows you to build powerful procedures from simple building

Practice in analysis of multistate R allows you to build powerful procedures from simple building

Objects and functions Practice in analysis of multistate R allows you to build powerful procedures from simple building models using Epi::Lexis blocks. These building blocks are objects and functions . All data in R is represented by objects ,

640 views • 24 slides
mad skills: new analysis practices for big data 2. dude, you got mad skills.

mad skills: new analysis practices for big data 2. dude, you got mad skills.

Jeffrey Cohen, Brian Dolan, Mark Dunlap, Joseph M. Hellerstein, Caleb Welton November 10, 2015 presented by Ritwika Ghosh mad skills: new analysis practices for big data 2. dude, you got mad skills. UrbanDictionary.com 1 mad (adj.): an

574 views • 24 slides

More recommend