Hi [[ session.user.profile.firstName ]]

Politics and Cyber Attacks: Techniques, Prevention & Influence

Focus of the talk:

The current global political climate and the increased number of cyber attacks associated with nation states and revelations from whistleblowers such as WikiLeaks. The strategies and potential reasons for such attacks – We are seeing a focus shifting from financial gain
to political power, control and mass surveillance.

Audience learning:

A view of the technologies utilised and targeted to perform the attacks such as malware targets such as iPhones, Android devices and smart TVs and malware on Windows, Osx, Linux etc

Audience takeaways:

The talk is aimed at those with a general interest in Cyber Security and how political gain is firmly intertwined and a tool utilised in state sponsored cyber attacks indiscriminately against corporations, criminals and citizens alike.


Indy possesses over 14 years’ experience, having worked in both
operational and consulting positions at FTSE100 and Fortune 500
organisations including AXA, Deutsche Bank, PwC, Accenture,
Mercedes-Benz, Jaguar Land Rover and many other world leading

His experience includes leadership positions in information/
cybersecurity transformation, risk assurance, crisis management
(pre and post incident), assurance, audit, governance, risk and
compliance programmes.
Recorded May 18 2017 34 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Indy Dhami, Director & Independent Security Consultant
Presentation preview: Politics and Cyber Attacks: Techniques, Prevention & Influence

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • The lurking dangers of IoT devices on the new modern-day workplace Dec 16 2021 6:00 pm UTC 60 mins
    Daniel Lamm, Founder at Euclidean Home & Kevin Suckiel, Police Officer in New York City
    The internet of things, along with the evolving workplace allow people and systems to communicate with each other in a seamless way to increase productivity and streamline many business functions. The benefits come at the price of an increasing rate of cyber-attacks across the globe. Cyber criminals are increasingly finding ways to penetrate modern work environments through devices and common modern work practices – a problem exacerbated by increasing work-from-home employment. Every one of us have become the first line of defense for our organizations and have the power to make a difference. Daniel and Kevin bring with them over 15 years of experience in law enforcement and IoT security. They will be discussing common security pitfalls and ways that you can better protect yourself and your organization from cyberattacks.
  • How To Stay Ahead Of The Curve In The Ransomware Crisis Recorded: Dec 2 2021 80 mins
    Matt Warner, CTO & Co-Founder of Blumira
    Unfortunately, ransomware is here to stay. Ransomware attacks are becoming more profitable, and ransomware-as-a-service operations continue to lower the barriers of entry for more cybercriminals to launch attacks. Major attacks in 2021 like Colonial Pipeline and JBS Foods have put ransomware in the spotlight, but it’s not enough to simply be aware of ransomware. Security and IT professionals need to take action and be ahead of the curve to prevent ransomware. Matt Warner, CTO and co-founder of Blumira, a threat detection and response provider, will discuss what security teams should arm themselves with to win the battle against ransomware. He’ll cover: An overview of the current ransomware threat landscape Security tools and methods to have in your arsenal to detect signs of ransomware Suspicious activity to look for in each step of the ransomware kill chain How leaning into IT security fundamentals can prevent ransomware outbreaks
  • Ransomware in Focus: How Self-Learning AI Stays One Step Ahead of Attackers Recorded: Nov 18 2021 46 mins
    Justin Fier, Director of Cyber Intelligence & Analytics
    Ransomware is a more imminent threat than ever before as digital ecosystems are becoming more complex and attackers are innovating with new tools, techniques, and procedures. It’s no surprise that the frequency of these attacks nearly doubled in the first half of 2021. With double extortion ransomware, novel attacks, and the increased availability of ‘ransomware as a service’, legacy security tools reliant on rules and signatures are simply outpaced. In this webinar, Darktrace’s Director of Cyber Intelligence & Analytics, Justin Fier, will discuss specific threat stories to demonstrate why Self-Learning AI is critical to respond to these machine-speed attacks with machine-speed defenses.
  • Build vs Buy: Pitfalls on the Path to Vulnerability Management Maturity Recorded: Jul 13 2021 31 mins
    Scott Kuffer COO, Nucleus Security & Steve Carter CEO, Nucleus Security
    As you continue down the path of VM maturity, you will undoubtedly find that manual VM workflows are bottlenecks preventing your program from scaling and moving quickly enough to meet your objectives. You might even consider building your own VM platform internally to automate some of these bottlenecks. Let us stop you right there.

    We’ve seen it a million times. Proprietary in-house software, or homegrown vulnerability management solutions, tend to be clunky and immature, consisting of little more than a database and primitive user interface. They’re often difficult, time-consuming, and expensive to maintain, while seldom meeting the needs of the organization or scaling sufficiently to meet increasing demand. What starts as an attempt to ease bottlenecks and control expense, almost always spirals into a bigger headache and larger spending-vehicle than imagined.

    How do we know? Because we’ve built them. In this talk, Nucleus co-founders Scott Kuffer and Steve Carter will explore the pitfalls on the path to VM maturity, with insights into why DIY is seldom the best course of action, and how we’ve seen the tactic go horribly wrong
  • Zero Trust for the New Normal Recorded: Jun 16 2021 61 mins
    Diana Kelley, SecurityCurve| Mari Galloway, Women's Society of Cyberjutsu | Jonathan Nguyen Duy, Fortinet | Bob Rudis, Rapid7
    Working remotely has become the new normal. This, and many other changes organizations adopted last year in response to the pandemic are likely to stay for the long term. According to Gallup, about two-thirds of U.S. remote workers want to continue to work remotely. So, how can organizations continue to support their growing distributed workforce at a time where reports of security threats have increased by 400% compared to pre-pandemic levels? 

    Here is where the zero-trust approach to security comes into play. 

    Join this month's episode of The (Security) Balancing Act with Diana Kelley and guests as they discuss the emergence of zero trust (“Trust Nothing, Verify Everything”) and what it helps achieve for enterprises in the age of cloud and remote work.

    Viewers will learn about:
    - The evolution of the security perimeter and the shift to zero trust
    - Why zero trust is an approach and not a product
    - Zero Trust Network Access (ZTA) vs. corporate VPN
    - Real-world stories and practical hands-on guidance from people who have deployed a ZTA

    - Mari Galloway, CEO, Women's Society of Cyberjutsu
    - Jonathan Nguyen Duy, Vice President, Global Field CISO Team, Fortinet
    - Bob Rudis, Chief Data Scientist, Rapid7

    This episode is part of The (Security) Balancing Act original series with Diana Kelley. We welcome viewer participation and questions during this interactive panel session.
  • Cook Your Dinner, Don’t Cook Your Devices Recorded: May 19 2021 91 mins
    Scott Scheferman, Principal Cyber Strategist at Eclypsium
    In this rare EC-Council event, you’ll learn how to properly select, prepare & plate an amazing rack of lamb and sides, while engaging your intellectual security side with Eclypsium.

    Modern organizations are in the midst of a transformation at the device level, and these changes are having profound impacts to security. No longer defined simply by corporate laptops and servers, enterprises must navigate the risk of a constantly evolving landscape targeting networking equipment, connected devices, personal-use employee devices, medical devices, as well as devices in remote work environments. Many of these devices simply can’t be managed using traditional security tools, with recent studies estimating that up to 90% of enterprise devices can’t support a traditional security agent.

    In this EC-Council webinar, Scott Scheferman, Principal Cyber Strategist at Eclypsium, will discuss modern attack dynamics and unique insights associated with these devices, along with the challenge of protecting the converged and connected enterprise. He’ll outline a strategy for extending visibility and security to network appliances and unmanaged devices. Scott’s presentation will be followed by conversation and a cooking demonstration by Chef Michael Leto. Register in advance to receive a list of ingredients you will need to cook along with the chef.
  • Ransomware in the Remote Work Era Recorded: May 12 2021 61 mins
    Diana Kelley, SecurityCurve | Nicole Hoffman, GroupSense | Courtney Radke, Fortinet | Patrick Lee, Rapid7
    Phishing and ransomware attacks continue to rise, according to Proofpoint’s State of the Phish report for 2020. Organizations in the U.S. are at risk, the increase in remote work due to the pandemic has fueled a spike in attacks, and phishing attempts are up by 14 percent compared to the previous year.

    Email continues to be the number 1 delivery vehicle, but other social engineering schemes that rely on social media, voicemail (“vishing"), SMS phishing (“smishing”), and malicious USB drops are also of concern for organizations. Ransom demands are also on the rise, but according to the report, paying the ransom is not guaranteed to work as many companies that paid the ransom failed to receive a decryption key.

    Join this month's episode of The (Security) Balancing Act as Diana Kelley and guests discuss why ransomware is surging again, which sectors are most at risk, the threat to enterprises and how it is being used for more than just ransom (ex: distractionware, destructionware, etc).
    - The rise in ransomware under the cloak of the pandemic
    - Why email continues to be the channel of choice
    - The difference between fully automated and human-operated campaigns
    - How to decide whether or not to pay or not to pay the ransom
    - Why your backups may not be immune to ransomware
    - Addressing the threat with best practices

    - Nicole Hoffman, Intelligence Analyst, GroupSense
    - Courtney Radke, CISO for National Retail, Fortinet
    - Patrick Lee, Senior Incident Response Consultant, Rapid7

    This episode is part of The (Security) Balancing Act original series with Diana Kelley. We welcome viewer participation and questions during this interactive panel session.
  • What you can do to get ahead of the next round of attacks Recorded: Apr 21 2021 57 mins
    Scott Scheferman, Principal Cyber Strategist @ Eclypsium
    According to a recent Microsoft report, 83% of all businesses have experienced a firmware attack in the past two years. Firmware and hardware issues have become one of the most active areas of enterprise security, as organizations struggle to cope with attacks such as the recent Accellion FTA device extortion campaign. Unfortunately, most organizations lack visibility into this critical attack surface. In fact, today the TrickBot malware group has more insight into which devices are vulnerable to UEFI attacks than most security teams.

    In this webinar you'll learn:

    How the cyber threat landscape is evolving as threat actors converge

    Why APTs and criminal attackers are increasingly targeting firmware

    How attackers are gaining visibility into the firmware in your devices
  • Taking Down Nation State Botnets Recorded: Apr 14 2021 59 mins
    Diana Kelley, SecurityCurve | Johna Till Johnson, Nemertes Research | Craig Harber, Fidelis | Derek Manky, Fortinet
    This month's episode of The (Security) Balancing Act will focus on botnets as a growing threat to the enterprise, examples from the real world, and what enterprises can do to better protect against botnet-fueled state sponsored attacks.

    Join this interactive roundtable discussion with security experts and industry leaders to learn more about:
    - How botnets have become a tool for cyber criminals and nation state actors
    - Real-world examples & known botnet attacks
    - Nation state ransomware attacks
    - DDoS attacks
    - Cyber espionage
    - ATPs
    - The trouble with attribution
    - What enterprises and governments can do to address the threat

    - Johna Till Johnson, CEO and Founder of Nemertes Research
    - Derek Manky, Chief, Security Insights & Global Threat Alliances, Fortinet
    - Craig Harber, Chief Customer Success Officer, Fidelis

    This episode is part of The (Security) Balancing Act original series with Diana Kelley. We welcome viewer participation and questions during this interactive panel session.
  • Sometimes the Best Place to Escape is Underground Recorded: Mar 24 2021 50 mins
    Scott Scheferman, Principal Cyber Strategist @ Eclypsium & Drew Rose - CSO and Co-founder @ Living Security
    There are some things that just don’t change. One of them is that criminals look for dark places to evade scrutiny. They lurk where the lights are out and the security guards are missing.

    So it is in cyberspace too, where APT and criminal actors are moving down the stack to hide from security teams.

    Join us for a virtual escape room and an exploration of threats below the surface, Immediately following the Webinar. Registration for the Virtual Escape Room here: https://ls.livingsecurity.com/ec-cyber-escape-online-event-3-24 (separate registration is required)
  • The Reality of Vendor Risk Assessments Recorded: Mar 17 2021 55 mins
    Jon Ehret, VP of Strategy & Risk, RiskRecon & Tony UcedaVélez, CEO, VerSprite
    For years many cybersecurity professionals have been trying to understand how to measure cyber risk. Why is this important? If you have a solid understanding of the risks facing your infrastructure, you can devise a plan for stopping any issues before they arise. Why is this so hard? Cyber risk is complex and ever-changing, as we've seen with the recent SolarWinds event that has caused a shift in focus to supply chain security.

    Conducting proper security assessments that are fit for your business is a good first step, allowing you to maximize efforts and become more efficient in the process, but how do you know if you are running good security assessments?

    Join our session and come away with:
    - Practical recommendation on quantification of risk for vendor risk assessments
    - Guidance on how to address vendor prioritization
    - Do's and Dont's for vendor risk management programs
  • The Future is Identity-Centric Recorded: Mar 17 2021 60 mins
    Diana Kelley, SecurityCurve | Joseph Carson, Thycotic | Dave Farrow, Barracuda | Jeremy Snyder, Rapid7
    Instead of the traditional "castle and moat" model of the past, today the security perimeter is being defined around the identity of the person or the device requesting access. What are organizations doing to protect digital identities in the age of breaches? How are the current trends in identity and access management helping address this issue?

    Join this interactive roundtable discussion with notable security experts to learn more about:
    - The shift to identity-centric security
    - The zero trust mindset
    - What constitutes strong and effective authentication and authorization
    - The role of policy orchestration and enforcement
    - Best practices for protecting identities and managing access across the enterprise

    - Joseph Carson, Chief Security Scientist and Advisory CISO at Thycotic
    - Dave Farrow, VP, Information Security at Barracuda
    - Jeremy Snyder, Sr. Director, Corporate Development, Rapid7

    This episode is part of The (Security) Balancing Act original series with Diana Kelley. We welcome viewer participation and questions during this interactive panel session.
  • Getting Ahead of Imminent Threats to Hospitals and Patients: A Panel Discussion Recorded: Feb 23 2021 62 mins
    Dr. Saif Abed, Shaun van Niekerk, Erik Decker & Scott Scheferman
    Join Dr. Saif Abed BSc MBBS MPhil MSc, UK NHS’s CISO, Joint Cyber Chair Shaun van Niekerk, Erik Decker, Chief Security and Privacy Officer for the University of Chicago Medicine and Eclypsium’s Principal Strategist Scott Scheferman in a lively, frank and deeply insightful discussion on what the biggest threats to patient and hospital safety are for 2021, and what is being done to get ahead of them. We’ll unpack what makes 2021 a markedly more volatile threat landscape, and how hospitals can measure and triage risks in the form of medical device vulnerabilities, supply chain threats, and ransomware. We’ll also discuss what the impact potential is for the very latest developments in the firmware threat landscape, specifically in the context of critical medical device workflow examples. This will be an unscripted panel discussion and open to questions from the audience.
  • Succeeding as a CISO in 2021 Recorded: Feb 17 2021 62 mins
    Diana Kelley, SecurityCurve | Patricia Titus, Markel Corp | Jonathan Nguyen-Duy, Fortinet | Gerald Mancini, Fidelis
    This month's episode of The (Security) Balancing Act will look at how the CISO role has evolved in the last few years, what today's expectations are and what it takes to succeed as a CISO.

    Some of the topics to be covered during this roundtable discussion with security and tech leaders include:
    - How has the CISO role evolved over the last few years and what is expected of CISOs in 2021?
    - CISO vs BISO
    - How to see ROI on your cybersecurity investment?
    - How to get the business to understand risk and care about security?
    - How to keep cyber employees happy. The churn is exhausting and costly for companies, and it’s exacerbated by employee burnout and a “grass is greener” approach.

    - Patricia Titus, Chief Privacy and Information Security Officer, Markel Corporation
    - Jonathan Nguyen-Duy, Vice President, Global Field CISO Team at Fortinet
    - Gerald Mancini, Chief Operating Officer of Fidelis Security

    This episode is part of The (Security) Balancing Act original series with Diana Kelley. We welcome viewer participation and questions during this interactive panel session.
  • AppSec is dead. Long live DevSecOps! Recorded: Feb 9 2021 48 mins
    Matias Madou, Ph.D., Co-Founder and CTO, Secure Code Warrior
    In the ancient times of software creation, we had AppSec, and we had developers.

    Generally, AppSec was aware of security problems, their impact, and code-level fixes. However, these remedies would rarely work in the custom tech stack of the company. Developers cranked out software features in a fast, functional and reliable way, but also released their code for security review as late as possible. Why? To shorten the AppSec feedback window, ensuring their out-of-context security recommendations would bounce back well after the release window and not halt proceedings. A little dysfunctional, to say the least.

    Fast-forward to today, and our demand for software is greater than ever before, as is the risk of data breaches from common vulnerabilities. This fractured process cannot work, and the DevSecOps movement is here to change the game. DevSecOps creates an environment of shared responsibility for security, where developers become responsible for effective deployment, and the lines between AppSec and development teams are increasingly blurred and more collaborative.

    The days of a hands-off security approach for developers are over, and with the right training and tools, they can take advantage of this process, upskill their security awareness and stand out among their peers.

    Delivered by security expert Matias Madou, Ph.D., he will demonstrate:
    The changes the industry has faced in the journey from Waterfall to DevSecOps
    How developers can navigate change and become a powerful piece of the DevSecOps pipeline
    Why DevSecOps doesn't have to compromise the work developers love most
    How sharing the responsibility for security works in a team environment
    Why upskilling as a security-aware developer will help bridge the cybersecurity skills gap, and make them a sought-after engineer in the process.
  • Election Takeaways for Cybersecurity Leaders Recorded: Jan 20 2021 61 mins
    Diana Kelley | Jim Richberg | W. Curtis Preston
    The 2020 US presidential election is behind us, but the key cybersecurity issues surrounding election integrity could linger for years to come. From ransomware attacks on local governments, to the untamed spread of disinformation, to experimenting with online voting apps and the myriad of vulnerabilities uncovered across election infrastructures, cybersecurity had never before taken such a central place in the national conversation as it did in 2020.

    So, what have we learned in the aftermath? And how can we apply it to better protect upcoming elections as well as enterprises, customers and employees?

    Join this interactive panel with security experts and tech leaders to learn the biggest lessons from the election from a cybersecurity and privacy standpoint. Discover what went down, what could have gone better and how to prepare for the midterm elections in 2022.

    - Can we build a hack-free election
    - Does misinformation on social sites impact how people vote and what can be done to stop the spread
    - What was new this time and what should security leaders keep in mind for their organizations
    - Would it be safer if we brought the voting process online or in app
    - Can nation state actors change voter rolls or polling data
    - What the biggest election threats mean for industry
    - Key takeaways for cybersecurity leaders

    - Jim Richberg, Public Sector Field CISO at Fortinet
    - W. Curtis Preston, Chief Technical Evangelist, Druva

    This episode is part of The (Security) Balancing Act original series with Diana Kelley. We welcome viewer participation and questions during this interactive panel session.
  • 2021 Readiness: Balancing Security in a Post-COVID World Recorded: Dec 9 2020 60 mins
    Diana Kelley | Mark Weatherford | Ted Harrington | Amir Shaked
    Earlier this year many companies experienced an incredible shift to fully remote work almost overnight, in response to the COVID-19 pandemic. This accelerated the “digital transformation” journey for many companies compressing what was a multi-year timeline into a few months and making 2020 different than any other previous year. In this episode we’ll explore how the balance between security, privacy and productivity was tipped this year, and what can we expect to see in 2021 as some, but not all, organizations head back to office work with a post-pandemic mindset.

    The audience will hear from CISOs and Security Directors about how this year was different, what they're going to do differently going forward, and what they expect (or have already seen) as organizations get back to pre-COVID levels.

    Topics covered:
    - 2020 in review
    - The hard lesson that a mobile workforce is not the same as a remote workforce
    - How the attack surface expanded and what CISOs are doing to ensure risk doesn’t expand too
    - How digital transformation sped up and what they meant for security, privacy and productivity
    - During the speedy journey to the cloud - what mistakes were made?
    - Lessons learned that will be carried forward for security teams
    - What CISOs are doing to prepare for whatever 2021 may bring

    - Mark Weatherford, Chief Strategy Officer and Board Member, National Cybersecurity Center
    - Amir Shaked - VP, R&D, PerimeterX
    - Ted Harrington, Executive Partner, Independent Security Evaluators [ISE]

    This episode is part of The (Security) Balancing Act original series with Diana Kelley. We welcome viewer participation and questions during this interactive panel session.
  • Election Recap & Cybersecurity Lessons Learned Recorded: Nov 19 2020 49 mins
    David Morris | Lee Imrey | Mick Baccio | Harrison Morris
    The 2020 U.S. presidential election has brought cyber security to the forefront for many in the U.S.

    From shedding light on disinformation campaigns aimed at disrupting the election, to testing voting machines and pentesting online voting apps, to raising awareness around the risk of ransomware and other attacks to local governments, voter registration databases, poll books and election reporting websites - security researchers and practitioners have been raising red flags throughout the election cycle.

    Join this episode of the Election Hacking series to learn about:
    - The 2020 election takeaways from a cybersecurity viewpoint: What went down, what could have gone better and how to better prepare for the midterm election in 2022
    - What the biggest election threats mean for your industry and organization
    - What have we learned and will it change anything in time for 2022
    - Post-election cybersecurity lessons for tech leaders

    - Lee Imrey, Security Strategist at Splunk
    - Harrison Morris, PhD Candidate Georgia Tech researching the intersection of Cybersecurity and Cognitive & Brain Sciences
    - Mick Baccio, Security Advisor, Splunk

    Moderator: David Morris, Executive Director at Digital Risk Management Institute

    This episode is part of the Election Hacking Original series examining the threats to democratic elections, the technologies used to power and hijack elections, and what's needed to educate and empower voters before Election Day.
  • Deceiving the Attacker Recorded: Nov 17 2020 56 mins
    Diana Kelley | Chris Roberts | Christina Fowler
    When it comes to deception technology, the industry is evolving beyond simple honeypots to a more automated, scalable, and effective approach.

    Join this episode of The (Security) Balancing Act to discover how deception technology can be used by organizations to detect, investigate and respond to malicious intruders. How does deceiving the attacker save your company and buy you time?

    During this episode, we'll go over:
    - What is deception technology and what does it help with?
    - How does it work? (e.g. Deception decoys, lures, honeytokens, traps, grids)
    - Is your organization ready to adopt deception?
    - What do you need to do before you buy the technology / build it in-house?
    - Key benefits of using deception for threat hunting
    - What else can deception be used for?
    - Deception use cases
    - The role of AI in deception (e.g. dynamic deception)

    - Chris Roberts, vCISO, Researcher, Hacker, Consultant, Devils Advocate
    - Christina Fowler, Chief Cyber Intel Strategist at MITRE Corporation

    This episode is part of The (Security) Balancing Act original series with Diana Kelley. We welcome viewer participation and questions during this interactive panel session.
  • Moving Target Defense: The Future of Cybersecurity Recorded: Nov 10 2020 43 mins
    Ron Nixon, VP Global Defense and Government, Polyverse
    Join Polyverse VP of Global Defense Ron Nixon, as he explains:
    · What is Moving Target Defense and where did it come from
    · Where it can be applied in your Linux systems
    · Why it works when traditional methods of defense fail
For Certified Members and Information Security Professionals Globally
The International Council of E-Commerce Consultants (EC-Council) is a member-based organization that certifies individuals in various e-business and security skills. It is the owner and developer of the world famous Certified Ethical Hacker (C|EH), Computer Hacking Forensics Investigator (C|HFI) and EC-Council Certified Security Analyst (E|CSA)/License Penetration Tester (L|PT) programs, and various others offered in over 60 countries around the globe.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Politics and Cyber Attacks: Techniques, Prevention & Influence
  • Live at: May 18 2017 10:00 am
  • Presented by: Indy Dhami, Director & Independent Security Consultant
  • From:
Your email has been sent.
or close