Presentation is loading. Please wait.

Presentation is loading. Please wait.

South Wales Cyber Security Cluster www.southwalescyber.net A networking group with a purpose Membership Open to anyone with an interest in Cyber Security.

Published byShonda Stafford Modified over 8 years ago

Similar presentations

Presentation on theme: "South Wales Cyber Security Cluster www.southwalescyber.net A networking group with a purpose Membership Open to anyone with an interest in Cyber Security."— Presentation transcript:

1 South Wales Cyber Security Cluster www.southwalescyber.net A networking group with a purpose Membership Open to anyone with an interest in Cyber Security FREE to join FREE to join Meetings held every 3 rd Tuesday of the month 2pm – 4pm Clwstwr Seiberddiogelwch De Cymru National Cyber Security Strategy Wales – UK Hub for Cyber Security Formed & led by Welsh businesses Communicating Cyber Initiatives Developing Cyber Skills in Wales Growing Welsh Cyber Companies

2 South Wales Cyber Security Cluster www.southwalescyber.net Clwstwr Seiberddiogelwch De Cymru Penetration Testing ask a hacker to attempt to get at that “risky” data to see what vulnerabilities exist at a point-in-time Security Monitoring set up ongoing monitoring to check if that “risky” data is threatened or becomes vulnerable through-time Risk Assessment what information or data, if it got into the wrong hands, would put you at risk from reputational or financial loss The shaded area where the 3 circles meet is where every other cyber security product or service sits How do you know which of these might be right for you unless you have done the 3 “must do’s” first? The 3 “must do’s” of Cyber Security… Compliance

3 South Wales Cyber Security Cluster Clwstwr Seiberddiogelwch De Cymru What you need to know about Cyber Risk Assessments… www.southwalescyber.net Risk Assessment what information or data, if it got into the wrong hands, would put you at risk from reputational or financial loss Assessing the risk to your data – think CIA Not all data is equal – Cutlery or Jewellery Understanding the risk is real Determining your risk appetite Likelihood Impact Response Threats Threat Sources Balance of Probability Confidentiality Integrity Availability Accept Avoid Mitigate Once the Cyber Risk Assessment is completed it’s time to test it…

4 South Wales Cyber Security Cluster Clwstwr Seiberddiogelwch De Cymru www.southwalescyber.net Penetration Testing ask a hacker to attempt to get at that “risky” data to see what vulnerabilities exist at a point-in-time Vulnerability Assessment Penetration Test – “go on, hit me!” Setting the scope - Cutlery or Jewellery White Hat, Grey Hat, Black Hat Footprinting Scanning Attack It’s amazing what you can find on the web Active or Passive When do you stop? What you need to know about Penetration Testing… This is a “point in time” check, what about checking continuously through time…

5 South Wales Cyber Security Cluster Clwstwr Seiberddiogelwch De Cymru Security Monitoring set up ongoing monitoring to check if that “risky” data is threatened or becomes vulnerable through-time Know what “risky” data you are trying to protect (Risk Assessment), know what vulnerabilities exist (Pen Test) Monitor the data types that will tell you the Cause, Event and Effect of threats to those vulnerabilities What you need to know about Security Monitoring… Cause Event Effect Who did it? When did it happen? Where did it happen? What happened? How many times? What changed? Effect on infrastructure? Effect on users? Effect on business? SIEM or Log Management Configuration, Asset, Flow, File Performance & Availability Monitoring is based on Data Type Relational databases can’t handle disparate data This is why IT teams buy multiple systems But… which systems do you need? www.southwalescyber.net

6 South Wales Cyber Security Cluster Clwstwr Seiberddiogelwch De Cymru What you need to know about other cyber security products or services… www.southwalescyber.net Consulting Security Services Security Hardware Security Software Secure Infrastructure Governance Risk & Compliance Cyber Essentials Certification 5 “essential” aspects Block 80% of threats

Download ppt "South Wales Cyber Security Cluster www.southwalescyber.net A networking group with a purpose Membership Open to anyone with an interest in Cyber Security."

Similar presentations

The Queen’s University of Belfast JISC BS7799 Pilot The Queen’s University of Belfast Dr. Ricky Rankin.

The Queen’s University of Belfast JISC BS7799 Pilot The Queen’s University of Belfast Dr. Ricky Rankin.
IT Security “Knowing the potential threat to YOU and your business” Ian McLachlan IT Manager.

IT Security “Knowing the potential threat to YOU and your business” Ian McLachlan IT Manager.
JARED BIRD Nagios: Providing Value Throughout the Organization.

JARED BIRD Nagios: Providing Value Throughout the Organization.
S2-1 © 2001 Carnegie Mellon University OCTAVE SM Process 2 Identify Operational Area Management Knowledge Software Engineering Institute Carnegie Mellon.

S2-1 © 2001 Carnegie Mellon University OCTAVE SM Process 2 Identify Operational Area Management Knowledge Software Engineering Institute Carnegie Mellon.
Risk Management a Case Study DATALAWS Information Technology Law Consultants Presented by F. F Akinsuyi (MSc, LLM)MBCS.

Risk Management a Case Study DATALAWS Information Technology Law Consultants Presented by F. F Akinsuyi (MSc, LLM)MBCS.
INDEX  Ethical Hacking Terminology.  What is Ethical hacking?  Who are Ethical hacker?  How many types of hackers?  White Hats (Ethical hackers)

INDEX  Ethical Hacking Terminology.  What is Ethical hacking?  Who are Ethical hacker?  How many types of hackers?  White Hats (Ethical hackers)
Ethical Hacking Introduction.  What is Ethical Hacking?  Types of Ethical Hacking  Responsibilities of a ethical hacker  Customer Expectations  Skills.

Ethical Hacking Introduction.  What is Ethical Hacking?  Types of Ethical Hacking  Responsibilities of a ethical hacker  Customer Expectations  Skills.
9-Performing Vulnerability Assessments Dr. John P. Abraham Professor UTPA.

9-Performing Vulnerability Assessments Dr. John P. Abraham Professor UTPA.
CST 481/598 Many thanks to Jeni Li.  Potential negative impact to an asset  Probability of a loss  A function of three variables  The probability.

CST 481/598 Many thanks to Jeni Li.  Potential negative impact to an asset  Probability of a loss  A function of three variables  The probability.
Lesson 13-Intrusion Detection. Overview Define the types of Intrusion Detection Systems (IDS). Set up an IDS. Manage an IDS. Understand intrusion prevention.

Lesson 13-Intrusion Detection. Overview Define the types of Intrusion Detection Systems (IDS). Set up an IDS. Manage an IDS. Understand intrusion prevention.
Lecture 11 Reliability and Security in IT infrastructure.

Lecture 11 Reliability and Security in IT infrastructure.
Security Offering. Cyber Security Solutions 2 Assessment Analysis & Planning Design & Architecture Development & Implementation O&M Critical Infrastructure.

Security Offering. Cyber Security Solutions 2 Assessment Analysis & Planning Design & Architecture Development & Implementation O&M Critical Infrastructure.
Sanjay Goel, School of Business/Center for Information Forensics and Assurance University at Albany Proprietary Information 1 Unit Outline Information.

Sanjay Goel, School of Business/Center for Information Forensics and Assurance University at Albany Proprietary Information 1 Unit Outline Information.
Comp 8130 Presentation Security Testing Group Members: U4266680 Hui Chen U4242754 Ming Chen U4266538 Xiaobin Wang.

Comp 8130 Presentation Security Testing Group Members: U Hui Chen U Ming Chen U Xiaobin Wang.
Risk Management Vs Risk avoidance William Gillette.

Risk Management Vs Risk avoidance William Gillette.
Engineering Secure Software. Why do we study risk?  Many outcomes are possible, not all are probable  Enumeration  Prioritization  Discussion.

Engineering Secure Software. Why do we study risk?  Many outcomes are possible, not all are probable  Enumeration  Prioritization  Discussion.
1 Continuity Planning An Overview…. 2 Continuity Planning Bill Scott CBCP Contingency Planning Coordinator Great Lakes Educational Loan Services, Inc.

1 Continuity Planning An Overview…. 2 Continuity Planning Bill Scott CBCP Contingency Planning Coordinator Great Lakes Educational Loan Services, Inc.
Information Security– SNO International Zanzibar, Tanzania Joe Beaulac, Sr. Manager – Cyber Defense Center & Risk/Vulnerability Management 23 September.

Information Security– SNO International Zanzibar, Tanzania Joe Beaulac, Sr. Manager – Cyber Defense Center & Risk/Vulnerability Management 23 September.
Nick Wildgoose 8 March 2012 BCI Workshop DELETE THIS TEXT AND PUT COMPANY LOGO IN THIS WHITE SPACE Understanding Risk within your Supply Chain SC1(V1)Jul/05/10GC/ZCA.

Nick Wildgoose 8 March 2012 BCI Workshop DELETE THIS TEXT AND PUT COMPANY LOGO IN THIS WHITE SPACE Understanding Risk within your Supply Chain SC1(V1)Jul/05/10GC/ZCA.
SEC835 Database and Web application security Information Security Architecture.

SEC835 Database and Web application security Information Security Architecture.

Similar presentations

Ads by Google