women in ict and newbie night
play

Women in ICT and Newbie Night August 15 Introduction Statistics - PowerPoint PPT Presentation

Feb 17, 2023 •288 likes •470 views

Women in ICT and Newbie Night August 15 Introduction Statistics Who here is from some form of social media? Who here is a developer? Cyber Security FM (Women in ICT and Newbie Night) August 15 Cyber Governance, Risk

  1. Women in ICT and Newbie Night August 15

  2. Introduction… Statistics • Who here is from some form of social media? • Who here is a developer? • Cyber Security FM (Women in ICT and Newbie Night) August 15

  3. Cyber – Governance, Risk and Compliance Cyber Security FM (Women in ICT and Newbie Night) August 15

  4. Cyber Security can be difficult to define.. Integrity Auditability Confidentiality Cyber Security FM (Women in ICT and Newbie Night) August 15

  5. Cyber risk - Think business risk, not IT Technology People Process • Firewalls • Employees • Incident Management • Anti-virus • Contractors • Change Management • DLP (Data Loss Prevention) Vendors Patch Management • • device Cyber Security FM (Women in ICT and Newbie Night) August 15

  6. NSA Data Breach Firewall An American computer professional, former CIA employee, and former government contractor. He leaked classified information from the U.S. National Security Agency (NSA) in 2013 to reveal secrets about NSA Are we secure surveillance programs. yet? Cyber Attack on US Military Security The attackers used a spear-phishing e- Breach mail to penetrate the system and gain access to sensitive information. This attack was made possible by poor human performance. Cyber Security FM (Women in ICT and Newbie Night) August 15

  7. Threat elements of a Cyber attack Motive Property Description Examples  Hackers  Actor Person at the source of an attack with specific goal and motivation. Employees  Third Parties  To steal personal information Motive Deliberate or accidental  Damage reputation  Sensitive data Assets which the threat actor intends to steal or affect in some way to achieve  Asset Mail server their goals.  Staff member  Disclosure of Information Outcome The effect of an attack.  Service Disruption Cyber Security FM (Women in ICT and Newbie Night) August 15

  8. Threat Scenario – Company X Data Breach PII (Personally Identifiable Personal information stored Company X (Healthcare Backup tapes stolen during in backup tapes transferred Data), PHI (Personal Health transportation Service Provider) Information) to a bank safe Risk Actor Asset Risk Impact Mitigating Controls What is the attacker What is the business risk? Who performs the attack? What is the potential impact? What can we do to mitigate the risk? targeting? Data Breach – Company X  Employee Sensitive data Loss of confidential or People is breached and sensitive  PII (Personally sensitive data resulting in  Security training and awareness information is stolen. Identifiable Data) financial, reputation or for third party service provider  PHI (Personal Health compliance impact. Information) Process  Safe transportation of back up tapes Technology  Encryption of backup tapes Cyber Security FM (Women in ICT and Newbie Night) August 15

  9. Security Assessment / Pentest Cyber Security FM (Women in ICT and Newbie Night) August 15

  10. Pentest Try to break into things • Single, “point -in- time” check • As much coverage as we can Provide invalid input • Is an application expecting a number? Give it ‘ OR ‘1’=‘1 • Is an application expecting a filename? Give it ../../../etc/passwd • Is an application expecting a URL? Give it file:// or supply a hostname and a port number Cyber Security FM (Women in ICT and Newbie Night) August 15

  11. Demo - SQLi Cyber Security FM (Women in ICT and Newbie Night) August 15

  12. Demo - SQLi Try using a single quote for a password: Cyber Security FM (Women in ICT and Newbie Night) August 15

  13. Demo - SQLi query expression 'username = 'admin' AND password = ''''. query expression 'username = 'admin' AND password = ''''. query expression 'username = 'admin' AND password = '1' OR '1'='1''. Huzzah ! Cyber Security FM (Women in ICT and Newbie Night) August 15

  14. “The Magic” Carefully passed down through generations of pentesters • Single quote: breaks SQL statements • Percent sign: breaks SQL LIKE • Double quote: breaks DOM attributes, string concatenation • Angle bracket: breaks DOM when inserted directly into DOM • ../: breaks when string is part of the filename • Semicolon: breaks shell/interpreters, breaks when string is a filename (and filtering for ../) • Asdf: Invalid syntax, designed to trigger an error • Double forward slash, double hyphen, # sign: Comment. Invalidates rest of original command I will give you $10 if you enter this into every field for a week and nothing breaks. Cyber Security FM (Women in ICT and Newbie Night) August 15

  15. Using “The Magic” Proxy • Intercept traffic, manually replace parameters • Burst (https://github.com/tweksteen/burst) • Burpsuite In-browser • Put things in the URL • Write a browser plugin • Developer tools (to reveal hidden fields) Cyber Security FM (Women in ICT and Newbie Night) August 15

  16. If you’re interested… Wargames • Google Gruyere • Exploit-exercises.com • Vulnhub • Bugcrowd Tools and techniques • Learn systems very thoroughly • Learn a low-level programming language • Learn something like Perl – flexibility is awesome Cyber Security FM (Women in ICT and Newbie Night) August 15

  17. Thank you! Cyber Security FM (Women in ICT and Newbie Night) August 15

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Newbie Programming for Dummies (Or highly inexperienced experts) Who are We? Clyde Bazile John

Newbie Programming for Dummies (Or highly inexperienced experts) Who are We? Clyde Bazile John

Newbie Programming for Dummies (Or highly inexperienced experts) Who are We? Clyde Bazile John Anukem Sebastien Siclait Braxton Gunter Terence Jacobs Why Newbie? What can a Newbie do? Comment # Im such a noob # enter code below

326 views • 11 slides
2018 MACKAY HOCKEY PRESENTATION NIGHT AWARD WINNERS Minor Premiers A1 Women: Norths A1 Men:

2018 MACKAY HOCKEY PRESENTATION NIGHT AWARD WINNERS Minor Premiers A1 Women: Norths A1 Men:

2018 MACKAY HOCKEY PRESENTATION NIGHT AWARD WINNERS Minor Premiers A1 Women: Norths A1 Men: Norths A2 Women: Norths A2 Men: Arsenals A3 Women: Norths Maroon A3 Men: Arsenals Black A4 Women: Norths Masters Men: Souths Masters Women:

63 views • 3 slides
As an Engineer Newbie Engineer Graduate Mentor Colleag ague ues. Headhun hunte ted d or

As an Engineer Newbie Engineer Graduate Mentor Colleag ague ues. Headhun hunte ted d or

Marketing Yourself As an Engineer Newbie Engineer Graduate Mentor Colleag ague ues. Headhun hunte ted d or Given a Special ial Throw Again in. Promotio ion. Start rt Again in. Starting Out Not One Solution Fits All I want to

259 views • 25 slides
And Chemosh said to me: Go, take Nebo from Israel! So I went by night and foughtagainst it from

And Chemosh said to me: Go, take Nebo from Israel! So I went by night and foughtagainst it from

And Chemosh said to me: Go, take Nebo from Israel! So I went by night and foughtagainst it from the break of dawn until noon, taking it and slaying all, seven thousand men, boys, women, girls, and maidservants; for I had devoted them to

57 views • 3 slides
WOMEN-POWERED PROSPERITY Women at the Center Women at the Center No country can ever truly

WOMEN-POWERED PROSPERITY Women at the Center Women at the Center No country can ever truly

WOMEN-POWERED PROSPERITY Women at the Center Women at the Center No country can ever truly flourish if it stifles the potential of its women and deprives itself of the contributions of half of its citizens - Michelle Obama Women at the

554 views • 54 slides
WOMEN TOGETHER Together Films and Women and Hollywood are creating a transatlantic partnership,

WOMEN TOGETHER Together Films and Women and Hollywood are creating a transatlantic partnership,

WOMEN TOGETHER Together Films and Women and Hollywood are creating a transatlantic partnership, Women Together , to give visibility to women created and women centric content. A film doesnt exist until an audience has seen it The

259 views • 24 slides
How a Newbie Can Start Building Wealth Through Real Estate A Free Webinar From Hosted by

How a Newbie Can Start Building Wealth Through Real Estate A Free Webinar From Hosted by

How a Newbie Can Start Building Wealth Through Real Estate A Free Webinar From Hosted by Brandon Turner! Co-host of the BiggerPockets Podcast WORKSHEET: www.BiggerPockets.com/930worksheet WORKSHEET: www.BiggerPockets.com/930worksheet

1.25k views • 109 slides
Analog night vision devices April, 2020 ANALOG NIGHT VISION DEVICES Night vision devices

Analog night vision devices April, 2020 ANALOG NIGHT VISION DEVICES Night vision devices

Analog night vision devices April, 2020 ANALOG NIGHT VISION DEVICES Night vision devices amplify the rest light in the night so the user gets a brighter image for observing Night vision devices operate in the visible and also

378 views • 11 slides
THE EARTH CYCLES By: Chrissy What Causes Day and Night The sun causes day and night as the

THE EARTH CYCLES By: Chrissy What Causes Day and Night The sun causes day and night as the

THE EARTH CYCLES By: Chrissy What Causes Day and Night The sun causes day and night as the earth rotates around the sun. The sun 's rays hit different parts of the earth causing day and night. WHAT IS THE SUN The sun is a burning ball

419 views • 12 slides
Hollywood In the film What Women Want , Mel Gibsons character becomes able to What Women

Hollywood In the film What Women Want , Mel Gibsons character becomes able to What Women

Hollywood In the film What Women Want , Mel Gibsons character becomes able to What Women Clients Want hear the thoughts of women. He uses this to advance his advertising career. slides by Gary W. Oehlert, rev. by S. Weisberg We cannot read

473 views • 8 slides
TH THE E SU SUN N AND TH AND THE E EAR EARTH TH All Ab About out Day y and Night ght

TH THE E SU SUN N AND TH AND THE E EAR EARTH TH All Ab About out Day y and Night ght

TH THE E SU SUN N AND TH AND THE E EAR EARTH TH All Ab About out Day y and Night ght Ex Explaining laining Day an y and d Nigh ght Ancient cultures explained day and night The Egyptian sun god, Ra, traveled across the sky

207 views • 9 slides
Womans Market Women without her man , is nothing.. Women, without her, MAN is nothing. If

Womans Market Women without her man , is nothing.. Women, without her, MAN is nothing. If

Womans Market Women without her man , is nothing.. Women, without her, MAN is nothing. If the shoe fits. Vroue en finansile onafhanklikheid n Vrou kry dikwels die boodskap uit die samelewing dat iemand anders vir haar

327 views • 28 slides
Women, Coaching, and Title IX A Presentation by Emily Carr What Happened? 1972: % of women

Women, Coaching, and Title IX A Presentation by Emily Carr What Happened? 1972: % of women

Women, Coaching, and Title IX A Presentation by Emily Carr What Happened? 1972: % of women coaching women is 90% 2016: % of women coaching women is 43% Why??? What I found Factors Included The economy Gender wage gap Change in

78 views • 7 slides
WHAT WHAT WOMEN WOMEN WANT WANT Best practice in gender diversity. PROFILE MASTERCLASS

WHAT WHAT WOMEN WOMEN WANT WANT Best practice in gender diversity. PROFILE MASTERCLASS

Volume 1 Issue 4 www.womenlegalmagazine.com June August 2009 WHAT WHAT WOMEN WOMEN WANT WANT Best practice in gender diversity. PROFILE MASTERCLASS Asylum seekers, torture survivors and Men and women use body language trafficking.

306 views • 5 slides
Women in Politics Yvonne Galligan Centre for Advancement of Women in Politics Queens

Women in Politics Yvonne Galligan Centre for Advancement of Women in Politics Queens

Women in Politics Yvonne Galligan Centre for Advancement of Women in Politics Queens University Belfast Women in Politics comparisons Table 1. Women in Devolved Assemblies, 1998- 2012 (%) Assembly of Wales Scottish Parliament Northern

285 views • 11 slides
Role of the Ministry for Women and other agencies Ministry for Women the Governments

Role of the Ministry for Women and other agencies Ministry for Women the Governments

Closing the gender pay gap Role of the Ministry for Women and other agencies Ministry for Women the Governments principal advisor on issues affecting 2.5 million women and girls in Aotearoa. A policy influencing agency; we do not

184 views • 14 slides
Midterm Review Tyler Moore CSE 3353, SMU, Dallas, TX , 2013 Portions of these slides have been

Midterm Review Tyler Moore CSE 3353, SMU, Dallas, TX , 2013 Portions of these slides have been

Notes Midterm Review Tyler Moore CSE 3353, SMU, Dallas, TX , 2013 Portions of these slides have been adapted from the slides written by Prof. Steven Skiena at SUNY Stony Brook, author of Algorithm Design Manual. For more information see

459 views • 9 slides
Collaborative Discussions Steve Smith September 5, 2002 The Herd Departs

Collaborative Discussions Steve Smith September 5, 2002 The Herd Departs

Collaborative Discussions Steve Smith September 5, 2002 The Herd Departs Date Steve Smith Nanobeams 2002 Slide # Chateau Gruyeres

336 views • 9 slides
Computer Security DD2395 http://www.csc.kth.se/utbildning/kth/kurser/DD2395/dasakh11/ Fall 2011

Computer Security DD2395 http://www.csc.kth.se/utbildning/kth/kurser/DD2395/dasakh11/ Fall 2011

Computer Security DD2395 http://www.csc.kth.se/utbildning/kth/kurser/DD2395/dasakh11/ Fall 2011 Sonja Buchegger buc@kth.se Lecture 7 Malicious Software DD2395 Sonja Buchegger 1 Course Admin l Lab 2: - prepare before lab session - signup!

844 views • 39 slides
Multidimensional Scaling Max Turgeon STAT 4690Applied Multivariate Analysis Recap: PCA

Multidimensional Scaling Max Turgeon STAT 4690Applied Multivariate Analysis Recap: PCA

Multidimensional Scaling Max Turgeon STAT 4690Applied Multivariate Analysis Recap: PCA We discussed several interpretations of PCA. Pearson : PCA gives the best linear approximation to the data (at a fjxed dimension). We also

708 views • 54 slides
Lei Tang, Yanjun Sun, Omer Gurewitz, and David B. Johnson Presentation at IEEE INFOCOM 2011,

Lei Tang, Yanjun Sun, Omer Gurewitz, and David B. Johnson Presentation at IEEE INFOCOM 2011,

PW-MAC: A Predictive-Wakeup MAC Protocol for Wireless Sensor Networks Lei Tang, Yanjun Sun, Omer Gurewitz, and David B. Johnson Presentation at IEEE INFOCOM 2011, April 2011 PW-MAC objectives Minimize energy consumption both at senders and at

709 views • 31 slides
RNA-seq Data Analysis Introduction to RNA-seq data analysis September, 2018 1 Guillermo Parada

RNA-seq Data Analysis Introduction to RNA-seq data analysis September, 2018 1 Guillermo Parada

RNA-seq Data Analysis Introduction to RNA-seq data analysis September, 2018 1 Guillermo Parada < gp 7@ sanger.ac.uk > Ashley Sawle < Ashley.Sawle @ cruk.cam.ac.uk > (Designed by Luigi Grassi < lg 490@ medschl.cam.ac.uk > )

447 views • 16 slides
Strategies for Bulk RNA-seq Analysis Genome Transcriptome Assembly Mapping Mapping Reads

Strategies for Bulk RNA-seq Analysis Genome Transcriptome Assembly Mapping Mapping Reads

Strategies for Bulk RNA-seq Analysis Genome Transcriptome Assembly Mapping Mapping Reads Reads Reads RSEM, Trinity, STAR, Kallisto, Scripture, HISAT2 Sailfish, Stringtie Salmon Splice-aware Transcript mapping Assembly into

622 views • 8 slides
WCTF2019: Gyotaku The Flag icchy, TokyoWesterns Some thoughts about challenge designing The best

WCTF2019: Gyotaku The Flag icchy, TokyoWesterns Some thoughts about challenge designing The best

WCTF2019: Gyotaku The Flag icchy, TokyoWesterns Some thoughts about challenge designing The best strategy for WCTF: make a super difficult challenge how? Multiple step (I did so far btw) 2017: 7dcs (PPC, Crypto, Web, Reverse,

441 views • 32 slides

More recommend