Alex Pierce, Systems Engineer (Arctic Wolf Networks)
RECORDING:
ABSTRACT
Cybercrime is big business and attackers have evolved. Today, cybercrime has become a $1.5 trillion dollar industry and that number is increasing. The barriers for attacks have been lowered, and the rewards have never been higher. So, who are these cybercriminals and how does an organization protect itself? Our discussion will focus on the common motives and methods of cybercriminal groups along with strategies on how to develop an effective security operations program to safeguard your environment.
BIOGRAPHY
Alex is a CISSP certified, experienced, and motivated Security Systems Engineer based out of Vancouver, British Columbia. In his current role as an Arctic Wolf Systems Engineer, he is responsible for creating innovative technical solutions to solve customers’ complex business issues and objectives.
FEARLESS – Why the business does not think cybersecurity is a problem
PRESENTER:
Elson Kung (CISA, PMP)
RECORDING:
ABSTRACT
Every day, our newsfeed is cluttered with news of ransomware, data exfiltration, stolen crypto, phishing, supplier attacks, and even DDoS. To us, there is no doubt that the cyber landscape is fraught with dangers. The organizations we are working so hard to secure are always only a hair away from becoming the next headline. As technology and security professionals, we know this. But what about the business? Are they just as aware of the threats? Are they prioritizing the organizations’ resources to fight cybercrime? If the answer is “No” to either of these questions, they are probably naive to the risk they face, and think that bad things can only happen to others, right? Certainly, they are negligent in their duties, and could care less about their organizations’ proprietary information, their customers’ PII, and their third parties’ information? Or are they simply arriving at the wrong conclusion despite having done their utmost due diligence?
In this session, we will consider the different frames of mind and explore potential solutions to correct the business’ view that cybersecurity deserves some, but not more attention. We will discuss how to steer them with effective operational and risk management approaches so they are just as vigilant as we are.
BIOGRAPHY
Elson Kung is the founder and consultant of Cactimo. He has hands-on and leadership experience in operational risk management, guiding businesses to implement effective controls to reduce a diverse array of risks including cyber security, third party, data privacy, financial reporting, regulatory compliance, resilience, and fraud. For over 25 years, he has worked in IT, various functions in the business, and the front-line of a company with $128 billion of assets and $2.5 billion of income in 2022.
A former president of ISACA Vancouver Chapter, he now serves on the board of BCG Counselling Group, the Provincial Security Advisory Council of BC, and is a Toastmasters area director. He also volunteers, runs, hikes and bikes.
We are seeing a shift on the threat landscape where cybercrime, including ransomware, is becoming more destructive and targeted towards high valued assets and services. Nation state attacks that target critical infrastructure, government and healthcare are now having an impact across the entire attack surface including businesses’ IT networks. This is the result of the converging threat landscape, where nation state threat actors are working jointly with cybercriminal enterprise, hitting IT and OT networks in tandem. Businesses that were not concerned of being a target from sophisticated APT attacks in the past, are now impacted. Similarly the public sector is further impacted by the larger threat of cybercrime. This elevated game from the adversary has raised the level of risk to organizations to a high watermark never seen before. FortiGuard Labs observed an increase of nearly 100% in 1H 2022 of ransomware variants, driven by the Ransom-as-a-Service (RaaS) model and a growing cybercriminal workforce.
BIOGRAPHY
Derek Manky plays a strategic and visionary role in consulting with leading CSOs/CISOs of Fortune 500 companies worldwide across multiple industries, bringing with him over twenty years of cyber security experience. He leads FortiGuard Labs’ Global Threat Intelligence Team. Mr. Manky has established frameworks in the security industry including responsible vulnerability disclosure, which has exercised the responsible handling of over 1000 zero day vulnerabilities. Manky has been with the Cyber Threat Alliance since it was founded in May 2014 and sits on the steering committee. He has helped to build collaborative platforms in the cyber security industry for over 15 years. Manky collaborates with global forums and expert groups alongside leading political figures, key policy stakeholders and law enforcement, including the World Economic Forum C4C, NATO NICP, INTERPOL, and FIRST.org. His vision is applied to help shape the future of proactive cyber security, with the ultimate goal to make a positive impact towards the global war on cybercrime.
Zoom Online meeting Please obtain passcode to enter meeting from email confirmation RSVP Required – register at Zoom
TOPIC(S):
Learning through law: Building a better defense by studying real legal cases
PRESENTER(S):
Chester Wisniewski (Principal Research Scientist, Sophos)
ABSTRACT
While we are inundated by headlines of cybercriminals hacking everything that moves, we seldom have the opportunity to learn how they go about their trade craft. Often stories are distilled to simple things like “didn’t patch” or “phishing attack”. The complexities of real life events are far deeper. We can use the openness of our legal system to discover how these attacks actually unfolded for those who we are fortunate enough to apprehend, or at least charge with a crime. This talk will analyze a dozen recent indictments and US Grand Jury documents to learn the tricks, tools and techniques used in some of the most well known recent cyber attacks.
BIOGRAPHY
Chester Wisniewski is a principal research scientist at Sophos. With more than 25 years of professional experience, his interest in security and privacy first peaked while learning to hack from bulletin board text files in the 1980s, and has since been a lifelong pursuit.
Chester analyzes the massive amounts of attack data gathered by SophosLabs to distill and share relevant information in an effort to improve the industry’s understanding of evolving threats, attacker behaviors and effective security defenses. He’s helped organizations design enterprise-scale defense strategies, served as the primary technical lead on architecting Sophos’ first email security appliance, and consulted on security planning with some of the largest global brands.
As a former President of the Vancouver SecSIG he is grateful for no longer being responsible for the meetings, but excited to continue to share and contribute to the security knowledge of our community. You may recognize me from my appearances on Global News(https://t.co/VWNBOja8Iv), CBC and CTV if you are old enough to still watch news on a TV.
Zoom Online meeting Please obtain passcode to enter meeting from email confirmation RSVP Required – register at Zoom
TOPIC(S):
Threat landscape 2020: A deep dive on the threats we face and how we can successfully combat cybercrime
PRESENTER(S):
Chester Wisniewski (Principal Research Scientist, Sophos)
A portion of this meeting will be dedicated to the AGM. Where possible we will use Zoom polls.
ABSTRACT
Part 1 – Know thy enemy. There is no point in defending against attackers that aren’t there. The inverse could be worse, being unprepared for what is out there. The pace of change by cybercriminals is driven by money, which means it never stands still for long.
Part 2 – How we can use COVID-19 to our advantage. Most security minded people are in a constant struggle to modernize and justify budgets to effectively train their staff and make modern efficient tools available. COVID-19 not only changed the threatscape, it has presented opportunities to IT security teams to up their game.
Part 3 – Targeted ransom deep dive. These attacks have achieved unbelievable success and profit for the skilled criminals behind them. I will walk you through a typical attack and demonstrate the TTPs and cleverness that goes into hamstringing their victims.
Part 4 – Parting defensive thoughts. How we view our networks and the people who defend them is evolving with the threats. Many organizations who make headlines after being victimized have not evolved and sometimes even been culled from the herd. I will wrap up providing my advice on how to modernize your approach to protecting your data.
BIOGRAPHY
Chester Wisniewski is a principal research scientist at Sophos. With more than 25 years of professional experience, his interest in security and privacy first peaked while learning to hack from bulletin board text files in the 1980s, and has since been a lifelong pursuit.
Chester analyzes the massive amounts of attack data gathered by SophosLabs to distill and share relevant information in an effort to improve the industry’s understanding of evolving threats, attacker behaviors and effective security defenses. He’s helped organizations design enterprise-scale defense strategies, served as the primary technical lead on architecting Sophos’ first email security appliance, and consulted on security planning with some of the largest global brands.
As a former President of the Vancouver SecSIG he is grateful for no longer being responsible for the meetings, but excited to continue to share and contribute to the security knowledge of our community. You may recognize me from my appearances on Global News, CBC and CTV if you are old enough to still watch news on a TV.
