securing caribbean networks
play

Securing Caribbean networks Bevil Wooding Executive Director, - PowerPoint PPT Presentation

Jun 07, 2023 •256 likes •614 views

Securing Caribbean networks Bevil Wooding Executive Director, CaribNOG THE DIGITAL WORLD Explosion of Online Devices Explosion of Online Users Explosion of Online Data Dark Side To Digital Progress There are only two types of

  1. Securing Caribbean networks Bevil Wooding Executive Director, CaribNOG

  2. THE DIGITAL WORLD • Explosion of Online Devices • Explosion of Online Users • Explosion of Online Data

  3. Dark Side To Digital Progress

  4. “ There are only two types of companies : Those that have been hacked, a nd those that will be.”

  5. THE THREAT IS REAL

  7. In a Word … PEOPLE

  8. BE AFRAID..BUT ALSO BE INFORMED Understanding The Power of the Dark Side

  9. POWERFUL DARK SIDE FORCES Today’s Cyber Criminals are: • Highly ORGANZED • Highly MOTIVATED • Highly RESOURCED and Highly EFFECTIVE!

  10. THE DARK SIDE IS SOPHISTICATED

  11. POWERFUL DARK SIDE FORCES Cybercriminals Hactivists Nation-States Insiders • Broad-based and • Targeted and • Targeted and • Targeted and targeted destructive multi-stage destructive • Financially • Unpredictable • Motivated by data • Unpredictable motivated motivations collection motivations • Getting more • Generally less • Highly • Sophistication sophisticated sophisticated sophisticated with varies endless resources

  12. 2013 - TARGET 2014 - SONY 2015 - OPM 2017 – WannaCry Ransomwear Major cyber attack disrupts internet service across the WORLD!

  13. 2013 - TARGET Russian Crime Syndicate; 1 17 yr old wrote the malware Compromised via a Third- 1 Party Vendor (HVAC) Easy Reconnaissance; 1 Ignored Initial Alerts Internal Infrastructure Used 1 Against Themselves

  14. 2014 - SONY GUARDIANS OF PEACE 1 (North Korean Government) Internally Everything Destroyed; Whole World Saw Emails & 1 Sensitive Information Most of the Company Had Too 1 Much Access; Passwords were stored in files named ‘Passwords’ 1 Warning Signs were Ignored

  15. 2015 - OPM Chinese Government 1 Compromised Using Defense 1 Contractor’s Credentials Encryption is great, but it doesn’t 1 stop those who have passwords or credentials Data Stolen During Holiday When 1 Staffing was Light.

  16. 2016 – DYN DNS Hackers - For Profit or Other 1 Motive? Millions of Compromised 1 Digital Video Cameras Unpatched IoT Devices 1 Plenty of Individuals, Companies, and Vendors to 1 Blame!

  17. 2017 - WannaCry Hackers - Unknown 1 Ransom message asking for 1 approx. $300. Increase to $600 after 3 days. After 7 days, files destroyed Estimated > 200,000 victims 1 WORLDWIDE CONTRIES AFFECTED

  18. IT’S NOW EASIER TO BE ON THE DARK SIDE

  19. PUBLICLY AVAILABLE TOOLS

  20. OUTSOURCING & CAPACITY BUILDING

  21. Securing National Development WHAT COMES NEXT … NO ONE KNOWS “Future attacks will likely increasingly be directed to softer targets in locations through which huge sums of money flow electronically for tax efficiency or advantage, those areas with infrastructure links to the United States and Europe, and in areas where the success of a sector such as tourism is central to the stability of the regional or national economy.”

  22. Securing National Development WHAT’S ALREADY HERE – CARIBBEAN ALREADY FE • Ransomware Attacks • Phishing Attacks • Distributed Denial Of Service • Data Theft • Identity Theft • ATM Scams

  23. Securing National Development GREATER THREATS, FEWER RESOURCES • Cybersecurity Skills Are in High Demand, Yet in Short Supply – most organizations do not have the people or systems to monitor their networks consistently and to determine how they are being infiltrated. – Cisco estimates there are over 1 million unfilled security jobs worldwide

  24. FORTUNATELY … ALL IS NOT LOST RESISTANCE IS NOT FUTILE W h i l e t h e r e i s n o s i l v e r b u l l e t s o l u t i o n w i t h c y b e r s e c u r i t y, a w e l l - i n f o r m e d , w e l l - s t r u c t u r e d , c o o r d i n a t e d , m u l t i - s t a k e h o l d e r a p p r o a c h c a n m a k e a b i g d i f f e r e n c e

  25. Securing National Development Opportunity in the Crisis • As the Internet of Things (IoT) gains more traction, the lack of basic security standards and the increasing skill shortage will present opportunities for countries and businesses that invest in cybersecurity skills development

  26. Securing National Development Opportunity in the Crisis • As the Internet of Things (IoT) gains more traction, the lack of basic security standards and the increasing skill shortage will present opportunities for countries and businesses that invest in cybersecurity skills development

  27. Securing National Development Joining the Resistance • Effective Cybersecurity Requires – Cyber Strategies – People, Analytics, Intelligence, and Technology – An Informed Human Approach to Security

  28. Securing National Development A Note on Cyber Strategies Cybersecurity Develop in collaboration with critical business strategies units – embed security personnel into business should be units, so security strategy can be integrated not holistic just tacked on Align to Business Goals – If you bring value with your strategy, security becomes a business differentiator and revenue generator, transforming security from cost center to a growth center.

  29. Securing National Development A Note on Cyber Strategies Cybersecurity Validate at the leadership level – Keeping organizational strategies leaders informed and involved in data breach should be preparedness and response plans is essential for holistic. maintaining a sophisticated security posture. Dynamically managed – Threat actors continuously adapt. Your cybersecurity strategy should, too. Treat it like it is a living, breathing, constantly questing process. If you let it languish, your threat posture also suffers.

  30. HOW CAN GOVERNMENTS HELP? UPDATE LEGISLATION PARTICIPATE IN REGIONAL BODIES STRENGTHEN LOCAL CAPACITY RAISE PUBLIC AWARENE SET NATIONAL STANDARDS

  31. HOW CAN INDUSTRY HELP? TRACK THE TREND LINES SUPORT PUBLIC-PRIVATE COOPERATION INVEST IN SECURITY TOOLS AND INFRASTRUCTUR ENCOURAGE AND TRAIN CYBER EXPERTS

  32. Make the Investment. Develop a Cyber Security Strategy. TAKE ACTION! “despite hard pressed budgets, cyber security needs to be seen as just as important as physical security and treated as core cost for businesses and governments .” … IT’s WORTH IT

  33. About the Presenter BEVIL M. WOODING Internet Strategist, Packet Clearing House Mr. Wooding is an an Internet Strategist for Packet Clearing House, a US-based non-profit research institute. He is also the Executive Director of the Caribbean Network Operators Group Twitter/Linked: @bevilwooding

  34. Questions in fo @ c arib no g.o r g

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Securing Home Networks Securing Home Networks protocols protocols A SWN04 A SWN04 K.

Securing Home Networks Securing Home Networks protocols protocols A SWN04 A SWN04 K.

Securing Home Networks Securing Home Networks protocols protocols A SWN04 A SWN04 K. MASMOUDI, K. MASMOUDI, H. AFIFI H. AFIFI Boston, 08/2004 6 th PCRD Integrated Project Goal : provide secure communication

450 views • 22 slides
Mobile Networks Module I Part 2 Securing Vehicular Networks Prof. J.-P. Hubaux 1 Outline

Mobile Networks Module I Part 2 Securing Vehicular Networks Prof. J.-P. Hubaux 1 Outline

Mobile Networks Module I Part 2 Securing Vehicular Networks Prof. J.-P. Hubaux 1 Outline Motivation Threat model and specific attacks Security architecture Security analysis Certificate revocation

751 views • 43 slides
Securing Networks in the Programmable Data Plane Era Luciano Gaspary paschoal@inf.ufrgs.br

Securing Networks in the Programmable Data Plane Era Luciano Gaspary paschoal@inf.ufrgs.br

Securing Networks in the Programmable Data Plane Era Luciano Gaspary paschoal@inf.ufrgs.br Instituto de Informtica UFRGS Securing Networks in the Programmable Data Plane Era Network softwarization : the first wave P4 programs are

607 views • 12 slides
Securing networks with Honeypots Motivation Scenario : Web server Internet SSH How to

Securing networks with Honeypots Motivation Scenario : Web server Internet SSH How to

Benjamin Braun, Klemens Mang Securing networks with Honeypots Motivation Scenario : Web server Internet SSH How to detect attackers accessing your service? How to analyze attack patterns? How to detect yet unknown attack

246 views • 13 slides
Securing 5G Networks Stavros Papadopoulos, Anastasios Drosou, and Dimitrios Tzovaras 5 th

Securing 5G Networks Stavros Papadopoulos, Anastasios Drosou, and Dimitrios Tzovaras 5 th

Behavioural Network Traffic Analytics for Securing 5G Networks Stavros Papadopoulos, Anastasios Drosou, and Dimitrios Tzovaras 5 th International Workshop on 5G Architecture (5GARCH) Presenter: Dr. Stavros Papadopoulos Post-doctoral research

426 views • 23 slides
Supporting recovery and sustainable development in the Caribbean Caribbean The role of the Global

Supporting recovery and sustainable development in the Caribbean Caribbean The role of the Global

Supporting recovery and sustainable development in the Caribbean Caribbean The role of the Global Jobs Pact By Stephen Pursey Director ILO Policy Integration Department y g p The crisis in the Caribbean The crisis in the Caribbean Global crisis

809 views • 19 slides
Securing Your System CS 236 On-Line MS Program Networks and Systems Security Peter Reiher

Securing Your System CS 236 On-Line MS Program Networks and Systems Security Peter Reiher

Securing Your System CS 236 On-Line MS Program Networks and Systems Security Peter Reiher Lecture 19 Page 1 CS 236 Online Putting It All Together Weve talked a lot about security principles And about security problems And

209 views • 17 slides
Doing Research in the Caribbean Introduction to Caribbean Studies Stacey Mac Donald & Sanne

Doing Research in the Caribbean Introduction to Caribbean Studies Stacey Mac Donald & Sanne

Doing Research in the Caribbean Introduction to Caribbean Studies Stacey Mac Donald & Sanne Rotmeijer PhD Candidates, KITLV This afternoon Introducing Confronting Caribbean Challenges research project Key notions >

327 views • 17 slides
The Future of Caribbean Tourism Key Considerations for the COVID-19 recovery Caribbean

The Future of Caribbean Tourism Key Considerations for the COVID-19 recovery Caribbean

The Future of Caribbean Tourism Key Considerations for the COVID-19 recovery Caribbean Tourism Organization April 30, 2020 1 COVID-19 and Caribbean Tourism A quick snapshot 2 COVID-19 Caribbean overview The first cases of COVID-19

834 views • 14 slides
Introduction to Caribbean spaces (Course Postcolonialism and power relations in the Caribbean

Introduction to Caribbean spaces (Course Postcolonialism and power relations in the Caribbean

Introduction to Caribbean spaces (Course Postcolonialism and power relations in the Caribbean ) Christophe Premat Brainstorming List the representations that you have when you hear about the Caribbean spaces What are your

672 views • 22 slides
Securing IPv6 neighbor discovery and SLAAC in access networks through SDN Daniel Nelle,

Securing IPv6 neighbor discovery and SLAAC in access networks through SDN Daniel Nelle,

Securing IPv6 neighbor discovery and SLAAC in access networks through SDN Daniel Nelle, dnelle@uni-potsdam.de Thomas Scheffler, thomas.scheffler@htw-berlin.de ANRW 2019, Montreal, July 22nd 2019 Outline Security issues in ICMPv6 Stateless

663 views • 21 slides
IoT Security Image: xkcd How is securing IoT different from securing any other system? IoT

IoT Security Image: xkcd How is securing IoT different from securing any other system? IoT

IoT Security Image: xkcd How is securing IoT different from securing any other system? IoT is a system of systems, with A great deal of heterogeneity (sensing, computation, communication, energy) New types of devices appearing all

1.35k views • 65 slides
- Securing Santas Sleigh - INET XMAS Presentation 2018 by Timo Hckel - Securing Santas

- Securing Santas Sleigh - INET XMAS Presentation 2018 by Timo Hckel - Securing Santas

- Securing Santas Sleigh - INET XMAS Presentation 2018 by Timo Hckel - Securing Santas Sleigh - INET XMAS Presentation 2018 by Timo Hckel Overview 1. Automotive Networks 2. SecVI Research Project 3. Software-Defined Networking

344 views • 31 slides
IXPS and Peering in the Caribbean Growing the Caribbean Digital Economy Global Context By 2020,

IXPS and Peering in the Caribbean Growing the Caribbean Digital Economy Global Context By 2020,

Presenter: Bevil M. Wooding Caribbean Outreach Manager, Packet Clearing House IXPS and Peering in the Caribbean Growing the Caribbean Digital Economy Global Context By 2020, smartphones will generate 30% of total IP traffic Global broadband

365 views • 18 slides
Building&Hacking modern iOS apps Wojciech Regua @_r3ggi wojciech.regula@securing.pl

Building&Hacking modern iOS apps Wojciech Regua @_r3ggi wojciech.regula@securing.pl

www.securing.pl Building&Hacking modern iOS apps Wojciech Regua @_r3ggi wojciech.regula@securing.pl @_r3ggi wojciech.regula@securing.pl www.securing.pl www.securing.pl WHOAMI -Senior IT Security Consultant @ SecuRing -Focused on

998 views • 67 slides
Mare Nostrum Caribbean (Our Caribbean Sea) Programs and Partnerships V irgin I slands

Mare Nostrum Caribbean (Our Caribbean Sea) Programs and Partnerships V irgin I slands

Mare Nostrum Caribbean (Our Caribbean Sea) Programs and Partnerships V irgin I slands E xperimental P rogram to S timulate C ompetitive R esearch Some Thoughts on How to Sustain a Successful Program Mark R. Boardman "In the

504 views • 32 slides
Bridging the Gap on Breaches: What Makes the Difference? Sponsored By: Bridging the Gap on

Bridging the Gap on Breaches: What Makes the Difference? Sponsored By: Bridging the Gap on

Bridging the Gap on Breaches: What Makes the Difference? Sponsored By: Bridging the Gap on Breaches: What Makes the Difference? Visit www.advisenltd.com at the end of this webinar to download: Copy of these slides Recording of

423 views • 21 slides
IODEF Extensions for Phishing and Other E-Crimeware Patrick Cain Latest Status New draft

IODEF Extensions for Phishing and Other E-Crimeware Patrick Cain Latest Status New draft

IODEF Extensions for Phishing and Other E-Crimeware Patrick Cain Latest Status New draft out. Missed deadline by a little; should show up in repository soon. draft-ietf-inch-phishingextns-02 One Technical change Many

452 views • 5 slides
The South Jersey Regional Traffic Signal Inventory Andrew Tracy Transportation Engineer

The South Jersey Regional Traffic Signal Inventory Andrew Tracy Transportation Engineer

The South Jersey Regional Traffic Signal Inventory Andrew Tracy Transportation Engineer atracy@sjtpo.org SOUTH JERSEY TRANSPORTATION PLANNING ORGANIZATION Background 55 47 The Friendly MPO Background Project purpose & need:

373 views • 18 slides
Nobel Laureates 2007 Physics: Chemistry: Prof. Peter Grnberg, Prof. Gerhard Ertl, FZ Jlich

Nobel Laureates 2007 Physics: Chemistry: Prof. Peter Grnberg, Prof. Gerhard Ertl, FZ Jlich

Nobel Laureates 2007 Physics: Chemistry: Prof. Peter Grnberg, Prof. Gerhard Ertl, FZ Jlich Fritz Haber Institut der and MPG, Berlin Prof. Albert Fert, Paris Giant Magneto Resistance: GMR Electrical resistance of stacked magnetic

1.07k views • 48 slides
Building an analytic department From Zero to TensorFlow 1 The Peter principle: People in a

Building an analytic department From Zero to TensorFlow 1 The Peter principle: People in a

Building an analytic department From Zero to TensorFlow 1 The Peter principle: People in a hierarchy tend to rise to their level of incompetence : An employee is promoted based on their success in previous jobs, until they reach a level

649 views • 41 slides
CYBER SECURITY IS OUR SHARED RESPONSIBILITY WHAT ARE WE DEALING WITH AND WHAT DO WE NEED TO DO?

CYBER SECURITY IS OUR SHARED RESPONSIBILITY WHAT ARE WE DEALING WITH AND WHAT DO WE NEED TO DO?

CYBER SECURITY IS OUR SHARED RESPONSIBILITY WHAT ARE WE DEALING WITH AND WHAT DO WE NEED TO DO? NORTH DAKOTA CYBER SECURITY CONFERENCE Jay Beale, CTO and COO at InGuardians @jaybeale and @inguardians th , 2018 March 15

961 views • 50 slides
1. Reconstruction and the West 1.1 Reconstruction: Americas Unfinished Revolution, 1865-1877

1. Reconstruction and the West 1.1 Reconstruction: Americas Unfinished Revolution, 1865-1877

1. Reconstruction and the West 1.1 Reconstruction: Americas Unfinished Revolution, 1865-1877 1.2 Go West, Young Man!: 1865-1900 1.1 Reconstruction: Americas Unfinished Revolution, 1865-1877 1.1.1 Wartime Reconstruction 1.1.2

1.72k views • 134 slides
Forging ahead, scaling the BBC into Web/2.0 Dirk-Willem van Gulik Chief Technical Architect

Forging ahead, scaling the BBC into Web/2.0 Dirk-Willem van Gulik Chief Technical Architect

Forging ahead, scaling the BBC into Web/2.0 Dirk-Willem van Gulik Chief Technical Architect QCon, London, 2009 Tuesday, 10 March 2009 Overview The BBC, background and scale Existing path to the audience Forge: Change Programme,

865 views • 55 slides

More recommend