Hi [[ session.user.profile.firstName ]]

Network security, seriously? 2016 Network Penetration Tests

The results of all the network penetration tests conducted by the First Base team over the past year have been analysed by Peter Wood. The annual review covers clients in a variety of sectors including banking, insurance and retail. This presentation identifies the most common vulnerabilities, how they can be exploited and the consequences for each business. Learn in detail how criminals can take advantage of these weaknesses and how you can secure your networks using straightforward techniques.
Recorded Sep 7 2016 46 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Peter Wood
Presentation preview: Network security, seriously? 2016 Network Penetration Tests

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • Network security, seriously? 2016 Network Penetration Tests Recorded: Sep 7 2016 46 mins
    Peter Wood
    The results of all the network penetration tests conducted by the First Base team over the past year have been analysed by Peter Wood. The annual review covers clients in a variety of sectors including banking, insurance and retail. This presentation identifies the most common vulnerabilities, how they can be exploited and the consequences for each business. Learn in detail how criminals can take advantage of these weaknesses and how you can secure your networks using straightforward techniques.
  • The Next Generation of Cyber Crime is here Recorded: Aug 9 2016 47 mins
    Rob Coderre
    Evolving tactics, techniques and procedures (TTPs) of online criminal actors have left a number of notable victim organizations in their wake and raised the bar for the security teams and law enforcement agencies that have sworn to protect them. From the migration of online criminal markets to an even deeper underground, to online extortion making a big comeback in novel ways, to increasingly effective malware crafted to steal more money and private information, if you are a potential target for online criminals, you are up against a greater cyber criminal threat than in years past.
  • Infosecurity 2016: Cyber Security in the Financial Sector Recorded: Jun 15 2016 7 mins
    Ian Glover, President, CREST & Josh Downs, Community Manager, BrightTALK
    - BrightTALK at Infosecurity Europe 2016 -

    BrightTALK were delighted to be joined by President of CREST and Industry-leading thinker Ian Glover in London at Infosecurity Europe.

    Ian covered key information security topics such as the notable recent breaches in the financial world and why the banks keep getting hacked; the principal threat actors and attack vectors; the main vulnerabilities to critical infrastructure; the enduring benefit of pentesting and cyber security is such an attractive career choice.
  • You’re The One That They Want: Targeted Threats and You Recorded: Jun 15 2016 46 mins
    Don Smith, SecureWorks, Ian Glover, CREST & Peter Wood, First Base Technologies
    The rise in targeted threats means that security teams must move beyond a general understanding of the threat landscape, to a detailed understanding of their own context and the ability to spot threats targeted at their specific organisation.

    In a world of information-overload and an explosion in communication channels, how do you sift through the noise and identify true threats to your business?

    Key themes:

    •The challenges faced by organisations from the rise in targeted threats
    •Limitations of security processes in protecting from targeted threats
    •How to gain early visibility into the threats targeting your particular organisation

    Don Smith leads the CTU™ Cyber Intelligence Cell: a team of experienced threat analysts who, through the application of established intelligence practices, deliver actionable and timely intelligence products on the threats most relevant to SecureWorks clients. Don also leads the CTU research team in EMEA.

    Don joined SecureWorks in 2005 and, since then, has been instrumental in establishing a CTU presence in EMEA and building important relationships for SecureWorks in the region. His enthusiasm and threat expertise means that he regularly represents SecureWorks at industry events in EMEA. Don has 24 years’ experience in the IT industry and was previously responsible for security architecture and operations for a multi-billion enterprise, where he took a lead role in successfully integrating 14 acquisitions. He is a recognized subject-matter expert many areas of cybersecurity and advises SecureWorks and SecureWorks’ clients globally.
  • Risk-based Security - Fighting Unlimited Threats with Limited Resources Recorded: May 10 2016 37 mins
    Irene Michlin, Managing Security Consultant, NCC Group
    Even the most security-minded organisation has limited budget and staff. How to decide where to spend these resources to provide maximum benefit to your organisation?

    In this webinar Irene Michlin will discuss how your organisation can establish a repeatable process for decision making in such areas as:
    •What and when to test
    •Which threats urgently require mitigation
    •What security training your staff needs
  • Using Targeted Intelligence to Direct Your Technology Policy Recorded: Feb 16 2016 49 mins
    Jules Pagna Disso, Head of Research and Development, Nettitude
    The success of cyber threat intelligence is measured by its effectiveness in reducing the impact of malicious actors. It is therefore important to understand the economy of malware in order to break the chains of success of such economy. Such success needs to be materialised by a change in attitude, policies and configurations.

    Whilst applicable to most organisations, most examples used during this seminar will feature the financial sector and aim to:

    · Analyse the core components of the economy of malware

    · Analyse how to gather intelligence to reduce the impact of malicious actors

    · Show how to use the intelligence gathered to improve the security posture of the organisation
  • Top 5: Reasons You Should Consider a Career in Cyber Security Recorded: Jan 7 2016 3 mins
    Ian Glover, President, CREST
    CREST President Ian Glover gives his Top 5 reasons that a Cyber Security Career should be of interest to you...
  • Putting Penetration Testing in Context Recorded: Dec 1 2015 45 mins
    Paul Midian, Chairman, CREST
    Penetration testing is just one element in the overall process of obtaining confidence in the cyber security of the organisation. Consideration to security must be given in the architectural design of networks and the coding of applications and website. Where this is not the case penetration testing will provide an indication of what should be done to retrospectively apply security or to provide a ‘patch’ to make things better.

    Many investigations of cyber attacks have highlighted that the system has been compromised for some time, often years, without the system owner knowing. The penetration test provides an insight into the internal controls and the ability of the SOC or NOC to identify attacks. If the test is conducted and there is no indication that it has been detected, it is highly likely that real attacks have not been detected either and further analysis is required.

    It must be recognised that no security is impenetrable and therefore the ability to react to a cyber security incident is really important. The penetration testing is essential to test the organisation’s ability to respond. The statement that a penetration test will be quickly out of date is valid to some extent but without it the organisation is blind to the types of threats it is exposed to and the vulnerabilities in the systems. To be effective the testing programme must be placed in context and the links between assurance activities fully understood.
  • Top 5: Reasons You Should be Scared of Your Customers Recorded: Nov 25 2015 4 mins
    Ken Munro, Senior Partner, Pen Test Partners LLP & CREST Executive
    We caught up with Pen Test Partner's Ken Munro, to get his Top 5 reasons that you should be scared of your customers.
  • Effective Cyber Security Monitoring and Incident Response Recorded: Oct 13 2015 42 mins
    Jason Creasey, Information Security Consultant, Jerakano
    Jason will introduce some of the major challenges associated with monitoring and logging cyber security events, highlighting the need to identify indicators of compromise at a much earlier stage and in a more consistent, insightful manner.

    He will present a cyber-security monitoring framework, emphasising the benefits of taking a balanced, intelligence-led approach, based on fundamental log management and situational awareness. He will then look at what a cyber-security incident actually is and outline how to prepare for and respond to a cyber-security incident effectively – ensuring that it is properly followed up - helping to reduce the frequency and impact of future cyber security incidents.

    Finally, Jason will introduce a cyber-security incident response maturity model, showing how you can measure the maturity of a cyber-security incident response capability.
  • How Do You Attract The Best Young Talent into Careers With an Image Problem? Recorded: Jul 13 2015 47 mins
    Ian Glover, President of CREST
    While most parents would be delighted if their offspring wanted to become an accountant, lawyer or even an actuary, they may be less encouraging if their son or daughter said they wanted to be a hacker. This is the negative manifestation of working in the cyber security industry that is often portrayed in the media. The reality is very different, with careers in cyber security providing fantastic opportunities that are hugely varied, really challenging and help to do good for society.

    Structured career paths provide an opportunity to progress quickly with jobs in large audit and accountancy firms through to small specialist boutique start-ups, as well as the chance for international work and creating new businesses. In addition, the whole industry is very diverse and is looking for people with a very wide range of talents.

    The problem is how do we communicate this to people who may be interested in the industry? Just as important for young people, how do we get to the influencers; their parents and their careers advisors to understand what an exciting place the cyber security industry is to work in and what they can expect in terms of the types of company they could work for and their salary expectations.

    The problem can be partially solved through education, information and support from businesses working together with a consistent message designed to encourage the very best people into the industry.

    In this presentation, Ian Glover from CREST will look at the challenges of attracting the brightest young people into careers that traditionally have an image problem and providing a strong career path once they are in. In particular, he will focus on the importance of properly-run internships and Government funded initiatives to educate and inform.
Assurance in Information Security
CREST represents the technical information security industry by:

- Offering a demonstrable level of assurance of processes and procedures of member organisations
- Validating the competence of their technical security staff
- Providing guidance, standards and opportunities to share and enhance knowledge
- Providing technical security staff recognised professional qualifications and those entering or progressing in the industry with support with on-going professional development

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Network security, seriously? 2016 Network Penetration Tests
  • Live at: Sep 7 2016 10:00 am
  • Presented by: Peter Wood
  • From:
Your email has been sent.
or close