Report from EHS/EES (Liberia) to the 14 th . Annual Convention Minneapolis/St. Paul, Minnesota
October 28–30, 2019 | Minneapolis Convention Center...October 28–30, 2019 | Minneapolis...
Transcript of October 28–30, 2019 | Minneapolis Convention Center...October 28–30, 2019 | Minneapolis...
October 28–30, 2019 | Minneapolis Convention Centercybersecuritysummit.org | #cybersummitmn
October 28–30, 2019 | Minneapolis Convention Center
cybersecuritysummit.org | #cybersummitmn
October 28–30, 2019 | Minneapolis Convention Centercybersecuritysummit.org | #cybersummitmn
Pluck Yew!!!
October 28–30, 2019 | Minneapolis Convention Centercybersecuritysummit.org | #cybersummitmn
Battle of Agincourt (Failed Strategy)
• Disjointed French Leaders
• Muddy conditions weighed down French knights
• Longbow – more powerful
• French Armor did not protect French casualties severe 10,000
October 28–30, 2019 | Minneapolis Convention Centercybersecuritysummit.org | #cybersummitmn
Verizon Data Breach Investigations Report§ In-depth research§ Informative data visualizations§ Just enough Snark
October 28–30, 2019 | Minneapolis Convention Centercybersecuritysummit.org | #cybersummitmn
VERIS• “Consistent,
unequivocal collection of security incident details– Common language for
describing security incidents in a structured and repeatable manner.
– Basis for enumeration
October 28–30, 2019 | Minneapolis Convention Centercybersecuritysummit.org | #cybersummitmn
Executive Summary - Victims
Small Business
October 28–30, 2019 | Minneapolis Convention Centercybersecuritysummit.org | #cybersummitmn
Executive Summary - Commonalities
Detection
October 28–30, 2019 | Minneapolis Convention Centercybersecuritysummit.org | #cybersummitmn
Breach Timeline
Detection
October 28–30, 2019 | Minneapolis Convention Centercybersecuritysummit.org | #cybersummitmn
Incident Classification Patterns
Drop POS
Cloud Based Email Servers
October 28–30, 2019 | Minneapolis Convention Centercybersecuritysummit.org | #cybersummitmn
EXIM vulnerabilities
October 28–30, 2019 | Minneapolis Convention Centercybersecuritysummit.org | #cybersummitmn
Industry Comparison - Patterns
Web App
IncreaseCyber Espionage
October 28–30, 2019 | Minneapolis Convention Centercybersecuritysummit.org | #cybersummitmn
Industry Comparison - Action
Drop in Accommodation
IncreasePublic
October 28–30, 2019 | Minneapolis Convention Centercybersecuritysummit.org | #cybersummitmn
Mobile
There is evidence that some actors are expanding fromtraditional user devices and beginning to target mobile
Research points to users being significantlymore susceptible to social attacks theyreceive on mobile devices.
October 28–30, 2019 | Minneapolis Convention Centercybersecuritysummit.org | #cybersummitmn
Financially-Motivated Social Engineering (FMSE)• Financial Pretexting• Phishing Attacks
October 28–30, 2019 | Minneapolis Convention Centercybersecuritysummit.org | #cybersummitmn
Is the Phishing Training working
October 28–30, 2019 | Minneapolis Convention Centercybersecuritysummit.org | #cybersummitmn
Industry Specific Sections
October 28–30, 2019 | Minneapolis Convention Centercybersecuritysummit.org | #cybersummitmn
Summary• Web Attacks• Cloud Based Email Servers• Privilege Misuse• FMSE• Miscellaneous Errors• Detection is Still slow• Phishing may be decreasing
October 28–30, 2019 | Minneapolis Convention Centercybersecuritysummit.org | #cybersummitmn