How Cyber Criminals are Exploiting the COVID-19 Pandemic

Ransomware Attacks will affect your business. From recently published news we have all witnessed the huge business impact that attacks have had on many high-profile organisations.

It’s now possible to test your existing security controls, by running attack scenarios against your system components such as Firewalls, Email gateways and against a virtual machine imagine of your laptop/desktop to see if they are configured to defend you effectively.

Misconfigurations, lack of security updates and patching will allow attacks to foster and cause widespread issues.

We can run simulated assessments to help show you where any gaps are and provide remediation advice to get you back on track.

Let us show you how to gain confidence in your security budget allocation and assess the effectiveness of your systems against an attack.

Join us for this special webinar where 2-Sec Consulting in conjunction with our partner organisation 'Picus' will show you how to protect and configure your systems from an attack.

Security methodology matters, but the way risk is measured determines how success is ultimately reviewed.
Join us for this special webinar on Thursday 25th June, as we look at how to measure success in cyber security.
We will highlight how Standards and Regulations are a great mechanism, but you need to look beyond!

This half-day virtual conference focuses on applying Defence in Depth controls to stay Cyber Secure, and what blue teams should be doing to defend against adversaries. We will draw from real-life experiences from working with a number of organisations, and welcome speakers from Darktrace and Smarttech 247. If you have any questions for our expert panel, please submit them in-session.

Agenda:

10am - 10.45am:
2|SEC Consulting, Parminder Lall - Measuring Success - The role of cyber security and risk management frameworks

10.45am - 11.30am:
Darktrace, Harriet Martin – Changing Cyber Landscapes: The Battle of Algorithms

11.30am - 11.45 break

11.45am - 12.25pm:
2|SEC Consulting, Tim Holman - Defence in Depth – 12 key things you must be doing to secure your assets today

12.30pm - 1.10pm:
Smarttech 247, Ronan Murphy – The main challenges in big data security

1.15pm - 1.30pm:
Panel Discussion with all speakers / Q&A

This half-day virtual conference focuses on applying Defence in Depth controls to stay Cyber Secure, and what blue teams should be doing to defend against adversaries. We will draw from real-life experiences from working with a number of organisations, and welcome speakers from Darktrace and Smarttech 247. If you have any questions for our expert panel, please submit them in-session.

Agenda:

10am - 10.45am:
2|SEC Consulting, Parminder Lall - Measuring Success - The role of cyber security and risk management frameworks

10.45am - 11.30am:
Darktrace, Harriet Martin – Changing Cyber Landscapes: The Battle of Algorithms

11.30am - 11.45 break

11.45am - 12.25pm:
2|SEC Consulting, Tim Holman - Defence in Depth – 12 key things you must be doing to secure your assets today

12.30pm - 1.10pm:
Smarttech 247, Ronan Murphy – The main challenges in big data security

1.15pm - 1.30pm:
Panel Discussion with all speakers / Q&A

With the almost complete shift of business from the office to the BYOH environment, Cyber Criminals have had to completely change their strategy and tactics to take advantage.
The worrying thing is, the transition has been been quick and simple, whilst businesses are still struggling to pick up the pieces.

Agenda:

10:30 Oliver Fairbank, Head of Analysis, Orpheus Cyber

Changes in the Cyber Threat Landscape
_______

Oliver works at the coal face of cutting edge research into criminal activities on the dark web, and leads a team that thoroughly analyses such activities and provides actionable intelligence for some of the world's largest companies.

* How COVID-19 has changed the threat landscape
* How Cyber Criminals are taking advantage of home workers
* Ransomware as a Service (Raas) v2.0
* What happens when criminal actors get together and pool resources?

He will also explore the groundbreaking research carried out by Orpheus Cyber, in response to the COVID-19 pandemic, and how Threat Intelligence must be part of any holistic Cyber Defence programme.
_______

10:50: Q&A Panel Session With Speakers
_______

11:00 Close


This session is worth one Continuing Professional Education (CPE) credit, for (ISC)2 certifications.

For many organisations, home-working, sometimes with personal devices presents a seemingly impossible challenge. Not only has a business got to secure its own systems, this now extends to systems they don't even own.

Agenda:
_______

10:00 Tim Holman, CEO and Founder, 2|SEC Consulting, and Nick Thomas, Security Consultant

The Challenges of Securing a BYOD Environment
_______

A discussion of the challenges of BYOD and integrating into a zero-trust operating model, including:

* Cyber security awareness
* Mobile Device Management (MDM)
* Common, and less common BYOD risks
* Overview of BYOD remote access solutions

Tim will discuss the various options that are available and how businesses can make improvements.
_______

10:30 Marco Rottigni, Security Consultant, Qualys
_______

Marco will discuss how to ensure systems which may come into contact with company or sensitive personal data are visible, and kept secure, covering:

* Asset inventory
* Vulnerability identification
* Threat prioritisation
* Remediation

He will also demonstrate how the Qualys VMDR solution achieves this, for one-user environments through to 10,000+ user deployments, with ease.

Join this webinar to learn about complimentary Qualys services in the period of lockdown can finally complete the vulnerability cycle within a single UI, delivering on the promise of driving Time to Remediation toward zero.

_______

10:50: Q&A Panel Session With Speakers
_______

11:00 Close
_______

This session is worth one Continuing Professional Education (CPE) credit, for (ISC)2 certifications.

Join us to learn how to reduce the risk of employees using their own PCs and devices to access business systems. This is particularly pertinent where some companies have simply run out of laptops to furnish their employees with, and have asked their staff to use their own systems. Security, as always, seems to be an afterthought, and it is critical that any BYOD (Bring Your Own Device) scenario is tightly secured, preferably before being released into the wild.

_______

Agenda:
_______

10:00 Tim Holman, CEO and Founder, 2|SEC Consulting

The Challenges of Securing a BYOD Environment
_______

A discussion of the challenges of BYOD and integrating into a zero-trust operating model, including:

* Cyber security awareness
* Mobile Device Management (MDM)
* Common, and less common BYOD risks
* Overview of BYOD remote access solutions

Tim will discuss the various options that are available and how businesses can make improvements.
_______

10:30 Brett Raybould - EMEA Solutions Architect, Menlo Security

Introduction to User Isolation
_______

Employees are using their own PCs as they isolate during the pandemic but this presents organisations with a huge problem of how they continue to deliver a secure environment. Brett will demonstrate how it’s possible to completely eliminate all risk of infection from browser based threats using the Menlo Security Global Cloud Platform with Isolation Core™ enabling ‘business as usual’ for remote worker.

Brett will provide a short introduction to the company and highlight why organisations around the globe are looking at User Isolation as the means to protect their users from the ever-present web and email dangers regardless of their physical location.
_______

10:50: Q&A Panel Session With Speakers
_______

11:00 Close
_______

This session is worth one Continuing Professional Education (CPE) credit, for (ISC)2 certifications.

Join us to learn about the latest techniques used to bypass existing phishing prevention systems, assist your staff avoid compromise and make simple improvements to the hygiene of email domains which will improve security and confidence of your email reputation.

Agenda:
_______

10:00 Tim Holman, CEO and Founder, 2|SEC Consulting, and Nick Thomas, Security Consultant
_______

With Google now blocking 18 million coronavirus-related phishing emails every day, businesses must stand up and take notice and look at bolstering defences, including:

* Cyber security awareness
* Preventing password re-use attacks
* Ensuring users have the protection they need at home
* Getting the basics right. SPF, DKIM, DMARC. Don't let your business phish itself!
* Preparing for increased BYOD use and extending the zero-trust model

Tim will discuss the various options that are available and how businesses can make instant improvements, and Nick will cover a very relevant case study in this area.
_______

10:30 Andy Oldfield, Technical Director, Aquilai
_______

We will also be introducing a unique solution from Aquilai that tackles phishing through an innovative machine learning platform, using real-time checks and linguistic analysis. Handling millions of emails every day, Aquilai have built up some very interesting research and will talk about the unexpected trends that the COVID-19 outbreak has indirectly caused.
_______

10:50: Q&A Panel Session With Speakers
_______

11:00 Close
_______

This session is worth one Continuing Professional Education (CPE) credit, for (ISC)2 certifications.

Since the coronavirus outbreak there has been a significant increase in people working from home. This is on a scale never seen before globally due to government advice and strict controls limiting peoples movements.

Working from home can introduce a variety of increased security risks, and in this webinar, Tim Holman and Nick Thomas will discuss the impact to IT and Security teams, exposing some of the harsh measures implemented in the first weeks of lockdown and provide a variety of free solutions to businesses, helping them through these tough times.

Join us for our webinar on Tuesday 14th April and you will learn how to keep your staff Cyber Safe whilst working from home. We will draw from our pool of audit, consulting and penetration testing experience and offer practical, unbiased solutions to the challenge of BYOH and how companies should be adopting it.

Please note: Attendees will earn one credit of Continuing Professional Education (CPE) for attending this webinar; and an attendance certificate will be provided upon request

Join us for our Webinar on Thursday 19th March where we will explain how you can save your business, time, money and effort.

The Agenda for the webinar is as follows:

Why Cyber Security is no longer an IT Issue
Protecting your assets
Managing security standards
Introducing our ‘Value based Assessment Model’

2|SEC Consulting brings a new modern way of thinking that offers your business immediate and real, quantifiable benefits from day one.
Our ‘Value based assessment model’ was developed to provide a solution to the traditional, island approach to managing information security.
Problems such as a lack of effective and efficient collaboration, communication and control validation with an organisation, We unify your security architecture into one integrated system, providing a single compliance and assessment framework and thus increasing your control environment efficiencies whilst dramatically reducing your cost in time, complexity and money.

2|SEC Consulting will present an overview of top Cyber Threats for 2020; and what organisations should be looking out for when securing systems for the next decade.

Research is drawn from 2|SEC Consulting’s Virtual CISO, Cyber Security Audit, Cyber Essentials and Penetration Test team engagements over 2019; and the webinar will cover the Top 5 Cyber Threats found:

1. Passwords
You think your password is secure? Think again. Billions of user accounts and passwords have been compromised and reused by hackers. We will look at the mechanics and also ways to use passwords in a more secure way.

2. Phishing
Be it through spoofed emails, text messages or impersonation through phone calls, credentials can be simple to acquire; and can be used against you. Whilst users will undoubtedly fall foul of phishing attacks, as they just like clicking on links, don’t let your whole organisation be taken down as a result!

3. Malware / Ransomware
Ransomware is still the biggest money spinner for organised cybercrime gangs. It is rarely targeted. Don’t be a drive-by victim and leave your doors open.

4. Software Vulnerabilities
Critical vulnerabilities are identified on a continual basis, which if exploited, could have devastating results. Organisations need a sense of urgency when it comes to patching; and this shouldn’t be seen as a low-level IT problem.

5. Nation states and organised criminals
Attacks step up a level when financial resources are at the disposal of an adversary; and they are free to act without any threat of arrest. Cyber espionage on an industrial scale. If one hacker can do damage, think about what a team of 1000 state-sponsored hackers can do.

Please note: Attendees will earn one credit of Continuing Professional Education (CPE) for attending this webinar; and an attendance certificate will be provided upon request