CISSPs: Information Security Isn’t Just Your Responsibility

As the security industry has continued to underinvest in the human element of security, phishing has become the top attack vector for cyber criminals. Breaches continue to occur in record numbers, identification takes an exorbitantly long time, and the most preferred target is an organization’s human assets. Empowering human assets to provide vetted intelligence into your incident response teams is often overlooked. Every organization has these human sensors, and there’s a natural desire for these employees to want to help.

In this presentation, you will learn:

• Why the cybersecurity industry is broken
• How to reduce susceptibility to human-targeted attacks
• How to empower users to become human sensors to recognize and report suspected attacks

Join PhishMe and (ISC)² on Jun 21 (Wed) at 13:00 (Singapore time) and learn how you can empower your team and protect your organization from phishing attacks.

参加这个网络研讨会，您可获取DDoS及Web应用攻击的流量和趋势的概览及深度分析。

Akamai每天都承载了全球 15%到30%的Web流量，因此可以观察到大量的互联网攻击，从包含SQL注入的恶意HTTP请求，到规模高达650Gbps的DDoS攻击。我们的安全专家会对此信息进行分析，对相关趋势和发现进行分享，这些信息都包含在我们按照季度发布的互联网现状/互联网安全现状报告中。我们将在本系列在线研讨会中发布相关信息。

主要话题：
- 互联网现状报告中的全球网络流量概况
- APJ区域的网络攻击情况
- IoT（物联网）僵尸网络是如何改变APJ地区网络攻击的拓扑结构的
- IoT的安全责任

参加Akamai 和 (ISC)² 在06月07日下午2：00至3：00的在线论坛《互联网现状/互联网安全现状报告——最新DDoS及Web App攻击趋势概览》，获取DDoS及Web应用攻击的流量和趋势的概览及深度分析，还等什么？赶紧加入我们吧。

아카마이는 방대한 양의 데이터를 분석하여 전세계 인터넷 보안에 대한 가장 정확도 높은 가시성을 제공하는 인터넷 보안 현황 보고서(State of the Internet Security Report)를 매 분기마다 발표하고 있습니다.

해당 보고서를 통해 살펴보면 인터넷 상의 위협 트렌드가 최근 크게 변화하고 있다는 것을 알 수 있으며, 무엇보다도 IoT 기반의 봇넷을 활용한 DDoS 공격의 등장으로 최대 650Gbps에 이르는 대형 공격들이 벌어지고 있음을 확인할 수 있습니다.

본 웨비나에서는 가장 최근에 발표된 인터넷 보안 현황 보고서를 기반으로 아래와 같은 내용들을 중점적으로 살펴볼 예정입니다.

- 최근 인터넷 보안 현황 보고서를 통해 알아보는 글로벌 주요 보안 이슈들
- 아시아 지역에서 발생한 보안 공격 통계
- IoT 봇넷이 아시아 지역의 보안에 가져온 영향
- IoT 보안 대비의 중요성

As an organization that delivers and protects 15-30% of the world’s web traffic on a daily basis, Akamai is uniquely positioned to observe a large amount of attacks ranging from 20 malicious HTTP requests containing SQL injection to DDoS attacks up to 650 Gbps. Our security experts analyze this information and share trends, observations, and findings in our quarterly State of the Internet / Security Report. We will present this information and associated insights in this webinar series.

In this webinar, you will learn:

• A summary of global findings from the State of the Internet Report
• Attack statistics for APJ
• How IoT botnets have changed the attack topology in APJ
• The responsibilities for security of IoT

Join Akamai and (ISC)² on May 24 (Wed) at 13:00 (Singapore time) for an overview and analysis of traffic and trends from Distributed Denial of Service (DDoS) and web application attacks.

近年来，网络犯罪日益组织化、自动化，结合外包欺诈技术的运用，使伪装在商业包装下的种种威胁变得更复杂，更难以发现。网络犯罪的产业化态势，使得组织很难迎头赶上：疲惫的安全团队所依赖的漏洞检测及应对工具，与犯罪分子采用的攻击策略不相匹配。如此情形下，最好的解决方案是什么？安全官们应如何面对日益增长的网络犯罪产业化的趋势？

据2016年高德纳公司的报告（Gartner report）显示：诸多组织采取“逐步降低风险、特定时间内进行漏洞与补丁管理”的方针。比如，许多漏洞管理程序把风险分为 “低、中、高和高危”四等级风险值的“通用漏洞评分系统（CVSS）”的分数，通常这些程序将成千上万的漏洞评为“高危”并需要即时修复。但此方式常常无效，因为诸多风险发生在与组织网络断开或未知区域中。

最新研究报告显示：大多数被黑客攻击或反复攻击的漏洞，已经在暗网(Dark Web)上进行交易了。通过识别这些漏洞（未知的或已知的），结合“通用漏洞评分系统（CVSS）”信息以及组织IT环境的逻辑关系，安全官们可以改变这一态势。他们能真正理解潜在威胁、严重漏洞，当然还有漏洞攻击的可能性。此Threat-centric漏洞管理方案考虑到组织内外的多种因素，从而逐步降低风险。这套崭新方案需要管理者理解组织受攻击的优先级：潜在的、紧急的、产生实际威胁的。采用这种方式，安全官们能够提高综合防御优势，了解对手及入侵者真正要攻击的漏洞、以及伪装的潜在威胁。

In recent years, cybercriminals have organized, automated and outsourced fraud techniques, resulting in an increase in commercial packages of complex threats. This productization of cybercrime is making it harder for organizations to keep up: the tools that overworked security teams rely on to discover and mitigate vulnerabilities don’t match the exploit tactics used by the criminals. So, what is the best approach in light of this dynamic threat landscape? How should security leaders stand up to the growing threat of industrialized cybercrime?

Recent reports show that the majority of successful breaches are executed by threat actors that use and re-use a subset of old vulnerabilities whose exploits are being commercially exchanged in the “Dark Web.” By identifying these vulnerabilities — those for which exploits exist in the wild and are being used in attacks — and combining this information with CVSS scores and contextual intelligence of an organization’s IT environment, security leaders can change the game. They gain a true understanding of not only the potential impact and severity of a vulnerability but also the probability of exploitation. This threat-centric vulnerability management augments gradual risk reduction by considering multiple factors inside and outside the organization. It’s a new approach to vulnerability management that requires comprehensive understanding of an organization’s attack surface combined with the prioritization of vulnerabilities by potential, imminent and actual threat levels. Using this approach, security leaders gain the advantage of integrated intelligence, including what vulnerabilities are truly being targeted by adversaries and threat actors in the wild.

Join Skybox Security and (ISC)² on May 10 (Wed) at 12:00 noon (Hong Kong time) to learn more about Commercialized Crimeware and Threat-Centric Vulnerability Management.

The Nuix Black Report takes a unique perspective on cybersecurity. Most security industry reports compile data about incidents that have already taken place or trends in data breaches—but these are clearly the symptoms of a deeper problem. Instead, Nuix has focused on the source of the threat landscape: the attackers themselves.

Join this webinar with report author and Nuix Chief Information Security Officer Chris Pogue to discover the true nexus between attacker methodology and defensive posture:

• Which countermeasures will actually improve your security posture (they’re not the ones you think)?
• What is the best spend for your security dollar and why?
• If hackers could speak to your CEO or board of directors, what would they say?

Join Nuix and (ISC)² on Mar 1 (Wed) at 13:00 (Singapore time) and find out what hackers are really thinking.

The Fourth Industrial Revolution is in all full swing with the Internet at its core. While the Internet is connecting everyone and everything it also connects us to a variety of nefarious threat actors, who have found ways to exploit and monetize many aspects of our digital world. In recent times, one area has been DDoS, which has become one of the top cyber threats du jour.

In this webinar, you will learn:

- Historical developments in the DDoS threat landscape
- How criminal operators are building out their botnets – discover, infect, operate and maintain
- Technical examination of new botnet trends such as the Mirai IoT botnet
- Architectural concepts and design for DDoS mitigation solutions - covering cloud and data centre environments
- Response strategies to defending and responding to DDoS attacks
- Predictions for future and next steps.

Join Akamai and (ISC)² on Feb 15 (Wed) at 13:00 (Singapore time) and learn about the DDoS threats of past, present and future.

Presenters:
- John Ellis, Chief Strategist, Cyber Security (Asia-Pacific & Japan), Akamai
- Michael Smith, Chief Technology Officer, Security (Asia-Pacific & Japan), Akamai

Moderator:
- Clayton Jones, Managing Director, Asia-Pacific, (ISC)²

One of the top CIO challenges is to maintain 100% uptime. Access to applications, data, and resources on the network is mission-critical for every organization. Downtime costs can be high and in various forms - loss of revenue and productivity, the cost of recovery and other intangible costs, such as damage to their reputation and brand value. Downtime is simply unacceptable. Hence, security for that network must be highly available and not cause any performance degradation of the network - in migration, deployment or through human error.

In this session, we will explore these questions:
• Is it possible to have no downtime when maintaining network security?
• What are the different causes of downtime?
• What are the different approaches to minimize downtime?
• How do you manage the costs to achieve 99.999% uptime in the network security solutions?

Join Forcepoint and (ISC)² on Dec 21 (Wed) at 1:00p.m. (Singapore time) and learn how to maintain 100% uptime.

現在、最も頻繁に用いられるサイバー攻撃のひとつとなったDDoS攻撃。Mirai Botnetに代表されるIoTを媒介する新たな攻撃手法によって、ビジネス停止のリスクがかつてないほど高まっています。実際にその攻撃を受け止めたAkamaiが観測した最新の攻撃データに基づき、現在のDDoSの特徴としくみ、その対策を用意する際に留意すべきポイントを中心に、企業Webを中心にしたシステムが今まさに直面しているリスクを解説します。

Data volumes are growing in both size and complexity; we have increasingly less control and awareness of the data we hold. In this session, we will highlight the benefits of information governance practices enabling organisations to build intelligence about their own data and identify their critical information assets. In the event of a data breach or security incident, this information provides actionable intelligence, allowing you to discover and respond to an incident before the matter escalates into a crisis.

Key takeaways:
1. Understand the basic principles required to understand your data
2. See how leveraging intelligence can get you to the answer faster
3. Extract hidden links and relationships with analytics

Join Nuix and (ISC)² on Dec 07 (Wed) at 02:00p.m. (Singapore time) in learning how to add intelligence to investigations (focus on data breach investigations).

Presenters:
- Stuart Clarke, Chief Technical Officer, Cybersecurity, Nuix
- John Douglas, Technical Director, First Response

Moderator:
SC Leung, CISSP, CCSP, CISA, CBCP;
Member, Asia-Pacific Advisory Council, (ISC)²

～ ウクライナの電力会社とバングラデッシュ中央銀行はどのように攻撃されたか ～

22万5千人の顧客の停電を起こしたウクライナの電力会社への攻撃と、8100万ドルが盗まれたバングラディッシュ中央銀行への攻撃は、特権アカウントを乗っ取られたハッキング事件でした。これらの事件がどのように起きたのか、特権アカウントがどのように悪用されたのか、そして、これらの事件を防ぐためには何ができたのか、をご紹介します。

大企業、大きな組織であれば、既にハッカーが侵入している可能性が低くありません。これらの攻撃から学べることは、侵入が発見されるタイミングより大分前に攻撃者は既にネットワークに入り込んでおり、どのようにネットワークの中で自由に動けるか、その方法を探していたということではないでしょうか。これがどのように行われたかを把握することによって、リスクを削減することが可能となります。

また、攻撃者の目的は、内部の人間になりすますことではありません。本当の目的は、攻撃者が狙っているものを「入手」すること。それは、お金、データ、または組織の運用を中断することかもしれません。今回のセッションでは、これらのリスクからどのように組織を守ることが出来るか、そして事例から何を学ぶ事が出来るかをご紹介します。

Most businesses prefer to control the day-to-day operations of their networks using their own resources. The increasing complexity of modern networks means that the overall acquisition, control and deployment for network security projects is far more challenging than before. With decreasing IT budgets and limited resources within high growth businesses; how are network teams expected to improve operational efficiency without sacrificing quality of service and service level agreements?

In a world that is fraught with new security exploits, maintaining operational efficiency with a low impact on resource and cost can be very difficult.

What are the best practices for maintaining an operationally efficient network security deployment? How do network teams stay on-top of daily routine tasks, such as policy configuration, upgrades and network security monitoring? How can network teams be enabled to focus on mission critical projects through automation?

Learn from case studies about network security and firewalls which enable the deployment of firewalls within highly distributed networks without sacrificing time or security.

Join Forcepoint and (ISC)² on Oct 26 (Wed) at 1:00p.m. (Singapore time) in learning the best practices on operational efficiency in network security.

Presenter: Michael Ferguson, Strategic Security Solutions Consultant, Forcepoint

Moderator: Clayton Jones, Managing Director, Asia-Pacific, (ISC)²

Next Generation Firewalls are Next Generation Firewalls…or maybe NOT.

In the light of new advanced attacks and the demands to lower security infrastructure costs, just how can one get the most out of the Next Generation Firewall (NGFW) solutions? Are all NGFW solutions the same?

What criteria should one consider for a NGFW solution that is best for your distributed enterprise environment? Join Forcepoint™’s Michael Ferguson and find out key value points when selecting a network security solution catered to your environment:

• Latest trends in NGFW
• Addressing total cost of ownership
• Security effectiveness in increasingly complex threat landscape
• Challenges in policy management

Also, find out why Forcepoint Stonesoft NGFW has won NSS Labs' coveted highest rating of “Recommended” for the 4th year in a row. Learn how it can provide the scalability, protection and visibility needed to effectively manage your distributed networks. Plus, rapidly and easily deploy, monitor and manage thousands of firewalls from a single pane of glass.

Phishing has been well established as the top entry method for hackers trying to access corporate networks. Yet, in spite of record spending on security technology, data breach reports continue to highlight the substantial lag between incident occurrence and detection.
That technology- those investments are failing while organizations continue to neglect their final and best line of defense – their employees. Employees hold the key to fortifying the last line of defense and providing IT and Security teams with critical real-time attack intelligence.
In this presentation, PhishMe’s COO, Jim Hansen, will draw on his 25 years in law enforcement and IT security to discuss:
•The current state of phishing
•The success and failure of technology systems and how human systems can protect the last mile
•How conditioning – not training - activates employees to identify and report phishing attacks
•The critical attack intelligence generated from employees and how it can be used to detect attacks-in progress and aid phishing incident response

Join PhishMe and (ISC)² on Sept 21 (Wed) at 2:00p.m. (Singapore time) for a security briefing on phishing awareness and response.

Presenter: Jim Hansen, Chief Operating Officer, PhishMe
Bios:
Jim has over twenty-two years’ experience in sales, operations and
executive management in the information security industry,
including co-founding and serving as COO of Mandiant. He has also
held numerous executive and management positions in both sales
and consulting organizations, and regularly speaks and publishes
articles on information security topics.

One of the biggest challenges faced by information security teams today is how to effectively prioritize their vulnerability remediation work. Burdened with this overload of vulnerability disclosures, Infosec teams often get overwhelmed by the task at hand and throw up their hands in frustration. After all, no IT department has enough staff and resources to promptly patch every single vulnerability within their environment.

Join Qualys and (ISC)² on Sept 14 (Wednesday) at 2:00p.m. (Singapore time) for a Security Briefing on how to prioritize remediation.

Presenter: Deb J, SME & Solution Architect – APAC & Middle east, Qualys
Bios:
Deb J (DJ) works with Qualys as a Subject Matter Expert for all products and platforms at Qualys. He is also a Field Solution architect responsible for customer success in the region. Deb has over 12 years of experience of which a large amount of time was spent on security. Started his career as a Code Quality Governance Specialist, so attention to details comes naturally. In the past he has worked with Compuware, NetIQ, LogLogic & ArcSight that adds a lot of experience for him to understand customer problems and identify solutions that work for them.

공격자들은 지하 시장에서 점점 전문화 , 조직화하고 있으며, 공격 기법도 무서운 속도로 고도화하고 있습니다.
정보 보호 업체인 “Websense Security Labs”이 미국, 영국, 캐나다, 호주의 IT관리자 1,000명 을 대상으로 조사한 결과 보고서에 따르면 대부분의 데이터 유출 사고는 “인가된 사용자”에 의해 이루어지고 있다고 합니다.
또한 그 동안 국내/외 많은 보안 사고 사례를 통해 알 수 있듯이 대부분의 정보 유출 사고는 탈취된 정상 사용자 계정 권한을 이용해서 이루졌다는 사례를 언론 등을 통해서 접할 수 있었습니다.

정보 유출 사고 예방을 위해 대부분의 보안 담당자는 이러한 알려진/알려지지 않은 다양한 보안 위협과 고도화된 내/외부에서 발생되는 위협을 식별 및 대응을 위한 위협 관리 체계의 필요성을 느끼고 있으며, 가트너에서는 향후 내/외부 다양한 보안 위협 예측 그리고 예방을 위해User Behavior Analytics (UBA) 사용은 필수이며, 2018년까지 최소 25%이상의 보안사고가 UBA 기술에 의해 탐지될 것이라고 리포트를 통해 예측하고 있습니다.

프로파일링 기반 이상행위 분석은 정상적인 사용자 및 시스템의 행동과 적절한 연관성의 정상 기준선을 설정하고 사용자 및 동료 그룹 간 이상 현상을 실시간으로 분석을 통해 권한 보유 사용자의 비정상 행위를 시각화 및 위협 예측 그리고 예방합니다.

또한 전체 IT 환경에 대한 보안을 더욱 민첩하고 지능적으로 변모하도록 요구하고 있으며, SIEM 보안 플랫폼과 연계 가능하며 UBA 기술은 알려진 위협과 알려지지 않은 위협에 관한 조치 가능한 정보를 생성하여, 사용자 및 시스템에 대한 세부적인 가시성을 제공함으로써 위협을 선제적으로 대응할 수 있는 보안 인텔리전스와 내부 위협를 보다 신속하게 해결할 수 있습니다.