There are many frameworks that you can use to protect a company infrastructure
They are many different approaches to helping a company look at protection of assets and data for a repeatable process.
There is Cobitby ISACA, COBIT stands for Control Objectives for Information and Related Technology. It is a framework created by the ISACA (Information Systems Audit and Control Association) for IT governance and management. It was designed to be a supportive tool for managers—and allows bridging the crucial gap between technical issues, business risks, and control requirements. You can learn about COBIT here. The National Institute of Standards and Technology (NIST) SP 800The NIST SP 800 documents are a series of publications put forth by the National Institute of Standards and Technology (NIST), which is a non-regulatory agency of the United States Department of Commerce. The SP 800 series was established in 1990 and has grown quite a bit since then, encompassing a large, in-depth, and ever-growing set of computer security documents seen by many as industry leading. Additionally, the NIST SP 800 documents have been well-known to many professionals within the field of information technology - particularly that of information security -as they gained additional recognition with the Federal Information Security Management Act of 2002, known as FISMA. You can see the SP 800 files here. Cybersecurity Framework Version 1.1 CSF. This voluntary Framework consists of standards, guidelines, and best practices to manage cybersecurity-related risk. The Cybersecurity Framework’s prioritized, flexible, and cost-effective approach helps to promote the protection and resilience of critical infrastructure and other sectors important to the economy and national security. You can learn about CSF here. The ISO/IEC 27000 family of standards helps organizations keep information assets secure. Using this family of standards will help your organization manage the security of assets such as financial information, intellectual property, employee details or information entrusted to you by third parties. ISO/IEC 27001 is the best-known standard in the family providing requirements for an information security management system (ISMS). There are more than a dozen standards in the 27000 family, you can see them here. Most of us know about MITRE CVE’swho sole purpose is to provide common vulnerability identifiers called “CVE Entries.” CVE does not provide severity scoring or prioritization ratings for software vulnerabilities. However, while separate, the CVSS standard can be used to score the severity of CVE Entries. One you might not know about is MITRE ATT&CK™
MITRE also has the ATT&CK™ is a globally-accessible knowledge base of adversary tactics and techniques based on real-world observations. The ATT&CK knowledge base is used as a foundation for the development of specific threat models and methodologies in the private sector, in government, and in the cybersecurity product and service community. With the creation of ATT&CK, MITRE is fulfilling its mission to solve problems for a safer world — by bringing communities together to develop more effective cybersecurity. ATT&CK is open and available to any person or organization for use at no charge. You can find out more here. Mon, 12 Nov 2018 23:03:00 +0000
Windows 10 shortcuts
Keyboard shortcuts are keys or combinations of keys that provide an alternative way to do something that you’d typically do with a mouse.
Copy, paste, and other general keyboard shortcuts
| Press this key | To do this |
| Ctrl + X | Cut the selected item |
| Ctrl + C (or Ctrl + Insert) | Copy the selected item |
| Ctrl + V (or Shift + Insert) | Paste the selected item |
| Ctrl + Z | Undo an action |
| Alt + Tab | Switch between open apps |
| Alt + F4 | Close the active item, or exit the active app |
| Windows logo key + L | Lock your PC |
| Windows logo key + D | Display and hide the desktop |
| F2 | Rename the selected item |
| F3 | Search for a file or folder in File Explorer |
| F4 | Display the address bar list in File Explorer |
| F5 | Refresh the active window |
| F6 | Cycle through screen elements in a window or on the desktop |
| F10 | Activate the Menu bar in the active app |
| Alt + F8 | Show your password on the sign-in screen |
| Alt + Esc | Cycle through items in the order in which they were opened |
| Alt + underlined letter | Perform the command for that letter |
| Alt + Enter | Display properties for the selected item |
| Alt + Spacebar | Open the shortcut menu for the active window |
| Alt + Left arrow | Go back |
| Alt + Right arrow | Go forward |
| Alt + Page Up | Move up one screen |
| Alt + Page Down | Move down one screen |
| Ctrl + F4 | Close the active document (in apps that are full-screen and let you have multiple documents open at the same time) |
| Ctrl + A | Select all items in a document or window |
| Ctrl + D (or Delete) | Delete the selected item and move it to the Recycle Bin |
| Ctrl + R (or F5) | Refresh the active window |
| Ctrl + Y | Redo an action |
| Ctrl + Right arrow | Move the cursor to the beginning of the next word |
| Ctrl + Left arrow | Move the cursor to the beginning of the previous word |
| Ctrl + Down arrow | Move the cursor to the beginning of the next paragraph |
| Ctrl + Up arrow | Move the cursor to the beginning of the previous paragraph |
| Ctrl + Alt + Tab | Use the arrow keys to switch between all open apps |
| Alt + Shift + arrow keys | When a group or tile is in focus on the Start menu, move it in the direction specified |
| Ctrl + Shift + arrow keys | When a tile is in focus on the Start menu, move it into another tile to create a folder |
| Ctrl + arrow keys | Resize the Start menu when it's open |
| Ctrl + arrow key (to move to an item) + Spacebar | Select multiple individual items in a window or on the desktop |
| Ctrl + Shift with an arrow key | Select a block of text |
| Ctrl + Esc | Open Start |
| Ctrl + Shift + Esc | Open Task Manager |
| Ctrl + Shift | Switch the keyboard layout when multiple keyboard layouts are available |
| Ctrl + Spacebar | Turn the Chinese input method editor (IME) on or off |
| Shift + F10 | Display the shortcut menu for the selected item |
| Shift with any arrow key | Select more than one item in a window or on the desktop, or select text in a document |
| Shift + Delete | Delete the selected item without moving it to the Recycle Bin first |
| Right arrow | Open the next menu to the right, or open a submenu |
| Left arrow | Open the next menu to the left, or close a submenu |
| Esc | Stop or leave the current task |
Windows logo key keyboard shortcuts
| Press this key | To do this |
| Windows logo key | Open or close Start |
| Windows logo key + A | Open Action center |
| Windows logo key + B | Set focus in the notification area |
| Windows logo key + C | Open Cortana in listening mode
Notes - This shortcut is turned off by default. To turn it on, select Start > Settings > Cortana, and turn on the toggle under Let Cortana listen for my commands when I press the Windows logo key + C.
- Cortana is available only in certain countries/regions, and some Cortana features might not be available everywhere. If Cortana isn't available or is turned off, you can still use search.
|
| Windows logo key + Shift + C | Open the charms menu |
| Windows logo key + D | Display and hide the desktop |
| Windows logo key + Alt + D | Display and hide the date and time on the desktop |
| Windows logo key + E | Open File Explorer |
| Windows logo key + F | Open Feedback Hub and take a screenshot |
| Windows logo key + G | Open Game bar when a game is open |
| Windows logo key + H | Start dictation |
| Windows logo key + I | Open Settings |
| Windows logo key + J | Set focus to a Windows tip when one is available.
When a Windows tip appears, bring focus to the Tip. Pressing the keyboard shortcuts again to bring focus to the element on the screen to which the Windows tip is anchored. |
| Windows logo key + K | Open the Connect quick action |
| Windows logo key + L | Lock your PC or switch accounts |
| Windows logo key + M | Minimize all windows |
| Windows logo key + O | Lock device orientation |
| Windows logo key + P | Choose a presentation display mode |
| Windows logo key + R | Open the Run dialog box |
| Windows logo key + S | Open search |
| Windows logo key + T | Cycle through apps on the taskbar |
| Windows logo key + U | Open Ease of Access Center |
| Windows logo key + V | Cycle through notifications |
| Windows logo key + Shift + V | Cycle through notifications in reverse order |
| Windows logo key + X | Open the Quick Link menu |
| Windows logo key + Y | Switch input between Windows Mixed Reality and your desktop |
| Windows logo key + Z | Show the commands available in an app in full-screen mode |
| Windows logo key + period (.) or semicolon (;) | Open emoji panel |
| Windows logo key + comma (,) | Temporarily peek at the desktop |
| Windows logo key + Pause | Display the System Properties dialog box |
| Windows logo key + Ctrl + F | Search for PCs (if you're on a network) |
| Windows logo key + Shift + M | Restore minimized windows on the desktop |
| Windows logo key + number | Open the desktop and start the app pinned to the taskbar in the position indicated by the number. If the app is already running, switch to that app. |
| Windows logo key + Shift + number | Open the desktop and start a new instance of the app pinned to the taskbar in the position indicated by the number |
| Windows logo key + Ctrl + number | Open the desktop and switch to the last active window of the app pinned to the taskbar in the position indicated by the number |
| Windows logo key + Alt + number | Open the desktop and open the Jump List for the app pinned to the taskbar in the position indicated by the number |
| Windows logo key + Ctrl + Shift + number | Open the desktop and open a new instance of the app located at the given position on the taskbar as an administrator |
| Windows logo key + Tab | Open Task view |
| Windows logo key + Up arrow | Maximize the window |
| Windows logo key + Down arrow | Remove current app from screen or minimize the desktop window |
| Windows logo key + Left arrow | Maximize the app or desktop window to the left side of the screen |
| Windows logo key + Right arrow | Maximize the app or desktop window to the right side of the screen |
| Windows logo key + Home | Minimize all except the active desktop window (restores all windows on second stroke) |
| Windows logo key + Shift + Up arrow | Stretch the desktop window to the top and bottom of the screen |
| Windows logo key + Shift + Down arrow | Restore/minimize active desktop windows vertically, maintaining width |
| Windows logo key + Shift + Left arrow or Right arrow | Move an app or window in the desktop from one monitor to another |
| Windows logo key + Spacebar | Switch input language and keyboard layout |
| Windows logo key + Ctrl + Spacebar | Change to a previously selected input |
| Windows logo key + Ctrl + Enter | Open Narrator |
| Windows logo key + Plus (+) | Open Magnifier |
| Windows logo key + forward slash (/) | Begin IME reconversion |
| Windows logo key + Ctrl + V | Open shoulder taps |
Command Prompt keyboard shortcuts
| Press this key | To do this |
| Ctrl + C (or Ctrl + Insert) | Copy the selected text |
| Ctrl + V (or Shift + Insert) | Paste the selected text |
| Ctrl + M | Enter Mark mode |
| Alt + selection key | Begin selection in block mode |
| Arrow keys | Move the cursor in the direction specified |
| Page up | Move the cursor by one page up |
| Page down | Move the cursor by one page down |
| Ctrl + Home (Mark mode) | Move the cursor to the beginning of the buffer |
| Ctrl + End (Mark mode) | Move the cursor to the end of the buffer |
| Ctrl + Up arrow | Move up one line in the output history |
| Ctrl + Down arrow | Move down one line in the output history |
| Ctrl + Home (History navigation) | If the command line is empty, move the viewport to the top of the buffer. Otherwise, delete all the characters to the left of the cursor in the command line. |
| Ctrl + End (History navigation) | If the command line is empty, move the viewport to the command line. Otherwise, delete all the characters to the right of the cursor in the command line. |
Dialog box keyboard shortcuts
| Press this key | To do this |
| F4 | Display the items in the active list |
| Ctrl + Tab | Move forward through tabs |
| Ctrl + Shift + Tab | Move back through tabs |
| Ctrl + number (number 1–9) | Move to nth tab |
| Tab | Move forward through options |
| Shift + Tab | Move back through options |
| Alt + underlined letter | Perform the command (or select the option) that is used with that letter |
| Spacebar | Select or clear the check box if the active option is a check box |
| Backspace | Open a folder one level up if a folder is selected in the Save As or Open dialog box |
| Arrow keys | Select a button if the active option is a group of option buttons |
File Explorer keyboard shortcuts
| Press this key | To do this |
| Alt + D | Select the address bar |
| Ctrl + E | Select the search box |
| Ctrl + F | Select the search box |
| Ctrl + N | Open a new window |
| Ctrl + W | Close the active window |
| Ctrl + mouse scroll wheel | Change the size and appearance of file and folder icons |
| Ctrl + Shift + E | Display all folders above the selected folder |
| Ctrl + Shift + N | Create a new folder |
| Num Lock + asterisk (*) | Display all subfolders under the selected folder |
| Num Lock + plus (+) | Display the contents of the selected folder |
| Num Lock + minus (-) | Collapse the selected folder |
| Alt + P | Display the preview panel |
| Alt + Enter | Open the Properties dialog box for the selected item |
| Alt + Right arrow | View the next folder |
| Alt + Up arrow | View the folder that the folder was in |
| Alt + Left arrow | View the previous folder |
| Backspace | View the previous folder |
| Right arrow | Display the current selection (if it's collapsed), or select the first subfolder |
| Left arrow | Collapse the current selection (if it's expanded), or select the folder that the folder was in |
| End | Display the bottom of the active window |
| Home | Display the top of the active window |
| F11 | Maximize or minimize the active window |
Virtual desktops keyboard shortcuts
| Press this key | To do this |
| Windows logo key + Tab | Open Task view |
| Windows logo key + Ctrl + D | Add a virtual desktop |
| Windows logo key + Ctrl + Right arrow | Switch between virtual desktops you’ve created on the right |
| Windows logo key + Ctrl + Left arrow | Switch between virtual desktops you’ve created on the left |
| Windows logo key + Ctrl + F4 | Close the virtual desktop you're using |
Taskbar keyboard shortcuts
| Press this key | To do this |
| Shift + click a taskbar button | Open an app or quickly open another instance of an app |
| Ctrl + Shift + click a taskbar button | Open an app as an administrator |
| Shift + right-click a taskbar button | Show the window menu for the app |
| Shift + right-click a grouped taskbar button | Show the window menu for the group |
| Ctrl + click a grouped taskbar button | Cycle through the windows of the group |
Fri, 09 Nov 2018 14:16:00 +0000
RID Hijacking
Relative Identifier (RID) Hijacking has recently gained public attention as a simple, novel, and effective technique to maintain persistence on a Windows system after initial compromise. As information security awareness continues to rise in many organizations their overall security posture also increases, especially in larger organizations that can afford it. As a result, many attackers are forced to leverage stealth techniques when targeting these types of companies to bypass security mechanisms.
RID Hijacking effectively allows attackers to assign higher level administrative privileges to lower level accounts that they might have direct access to after initial system compromise. What makes this method so attractive to attackers is that it leverages strictly Windows native commands to execute the technique, does not require installing any additional software, and is a relatively simple process. Therefore, it does not make much noise on a system and in many cases is difficult to detect unless defenders are carefully monitoring the Security Account Manager ( SAM) registry.
Since Windows XP, Windows uses the SAM to store security descriptors for user accounts. These Windows systems store most of this information in the ‘HKLM\SAM\SAM\Domains\Account\Use rs’ key, which does require SYSTEM level privileges to access. This key contains a variety of structured information representing user privilege information. The ‘Names’ subkey contains all the local user account names and looking at the ‘F’ value within this structure is a long number that contains the RID value at hex offset 30 within it along with other interesting information such as whether the account is enabled or disabled. According to security researcher, Sebastian Castro the RID copy stored in the ‘F’ value hex number is the value that is used by the Local Security Authority Subsystem Service (LSASS) and the Security Reference Monitor (SRM) to generate the primary access token used when translating from username to security identifier (SID). This token essentially is used on the system when users are attempting to access system services and applications. So if an attacker can modify the RID value to hex 0x1f4 or 500 in decimal of a guest user account as an example, they can give that guest account system level access. This technique is known as RID hijacking.
Sebastian Castro, the security researcher investigating this vulnerability also published an exploit which automates this attack in Metasploit, which is a popular open source exploit framework used by many worldwide. The exploit can be found at ‘post/windows/manage/ rid_hijack’ within the framework. This exploit has been tested on Windows XP, Windows Server 2003, Windows 8.1, and Windows 10. The best-recommended way to defend against this attack is by monitoring the system registry and looking for inconsistencies within the SAM.
Sources:
https://threatpost.com/trivial-postintrusion-attack-exploits-windowsrid/138448/ https://csl.com.co/en/rid-hijacking/ Fri, 26 Oct 2018 20:07:00 +0000
Zero-day jQuery Exploit
A zero-day exploit in the jQuery file upload tool may have had an open secret for years. A security researcher at Akamai Security Intelligence Response Team (SIRT) by the name of Larry Cashdollar found the exploit designated CVE-20189206. The vulnerability affects the plugin authored by Sabastian Tschan commonly known as “blueimp”. The jQuery File upload is one of the most starred plugins on github next to the jQuery framework itself. The tool appears to have been forked over 7800 times and has most likely been integrated on thousands of other projects.
The vulnerability affects Apache web servers that have the plugin and has existed since Apache 2.3.9 when Apache disabled support for .htaccess security configuration files. Unfortunately, jQuery’s file upload relied on .htaccess, and Apache made the change only five days before Sabastian’s plugin was first published. Worse yet it seems that this exploit has been an open secret in the hacker community for years. An attacker can use the vulnerability to upload files without any validation required. This would allow attackers to upload back doors, key loggers, and even execute a web shell on the server. Cashdollar was able to get in touch with Sabastion, and together they were able to work to get the vulnerability fixed in the latest version for the jQuery file upload. However, both noted that it is unlikely to get deployed in all the other projects and/or servers that use the plugin. They stated that there is no accurate way to determine how many projects that have forked from the jQuery file upload and if they are being maintained by applying changes to the master project. Additionally, there are no good ways to determine how many production environments that possibly have the plugin integrated in them.
Cashdollar has also noted that he doubts that he is the only person to find the videos that demonstrate this vulnerability. The videos on YouTube indicate that this exploit has been known and used in some circles for years, so it is possible that hackers have been able to quietly utilize this method to execute remote code on webservers that are using the plugin. However, now that the code has been patched and the exploit has been made public, there is concern that that the risk has increased. With an unknown number of potential forked projects and environments that might use the tool the likelihood that the patch will not entirely eliminate the potential threat. If you want to test your environment for this vulnerability this link will help
Https://gethub.com/lcashdol/treee/Exploits/ tree/master/CVE-2018-9206. There you will find the files that will test for three of the most commonly used variations of the exploit software.
Sources:
https://www.theregister.co.uk/2018/10/22/jquery_file_flaw/ https://searchsecurity.techtarget.com/news/252451045/Zero-day-jQueryplugin-vulnerability-exploited-for-3-years https://www.zdnet.com/article/zero-day-in-popular-jquery-plugin-activelyexploited-for-at-least-three-years/ Fri, 26 Oct 2018 20:06:00 +0000
Windows 10, version 1809 Features removed or planned for replacement
Here is a Blog from Microsoft about changes to Windows 10 1809.
Features we removed in this release
We're removing the following features and functionalities from the installed product image in Windows 10, version 1809. Applications or code that depend on these features won't function in this release unless you use an alternate method.
Features we’re no longer developing
We're no longer actively developing these features and may remove them from a future update. Some features have been replaced with other features or functionality, while others are now available from different sources.
If you have feedback about the proposed replacement of any of these features, you can use the
Feedback Hub app.
Sat, 20 Oct 2018 19:51:00 +0000
macOS 10.12 Draft NIST Security Configuration Checklist
NIST invites comments on Draft Special Publication (SP) 800-179 Revision 1, Guide to Securing macOS 10.12 Systems for IT Professionals: A NIST Security Configuration Checklist. This publication assists IT professionals in securing macOS 10.12 desktop and laptop systems within various environments. It provides detailed information about the security features of macOS 10.12 and security configuration guidelines. The publication recommends and explains tested, secure settings with the objective of simplifying the administrative burden of improving the security of macOS 10.12 systems in three types of environments: standalone, managed, and specialized security-limited functionality. A public comment period for this document is open until November 16, 2018. We strongly encourage you to use the comment template for submitting your comments. CSRC Update:
https://csrc.nist.gov/news/2018/nist-releases-draft-sp-800-179-rev-1-for-comment Publication Details:
https://csrc.nist.gov/publications/details/sp/800-179/rev-1/draft Sat, 20 Oct 2018 19:37:00 +0000
SSH ISSUE
For the past four years, thousands of servers may have been subject to an extremely simple authentication bypass vulnerability. CVE-2018-10933 affects libssh versions since 0.6.0, an implementation library for Secure Shell (SSH) that was released in 2014. It is limited only to certain implementations of SSH and does not affect the widely-used OpenSSH.
Still, all the attacker has to do is send the server the message SSH2_MSG_USERAUTH_SUCCESS" instead of "SSH2_MSG_USERAUTH_REQUEST" and they have full access. Experts are saying that the overall impact is small, given that OpenSSH is not impacted and a libssh patch has already been released. So how many systems are actually at risk? A quick Shodan search by one researcher returned 6,351 servers just by looking for "libssh". Another researcher added port 22 to the search, bringing the number down to 3,004. But this doesn't tell us how many systems are running vulnerable versions of of libssh. And really, pinning down an accurate number is not easy. Shodan doesn't cover everything that's out there and what's out on the internet can change in the blink of an eye.
We ran our search anyway and excluded the two patch versions that fix CVE-2018-10933, 0.7.6 and 0.8.4. Our total, 2,973, was only reduced by three for a total of 2,970 systems. Searching only for the first impacted version, 0.6.0, returned 1,259 systems. It’s not a large number, but that's still over a thousand systems that have not been properly patched in four years. These systems can also easily be found in a matter of minutes.
If that isn't enough, take a second look at the figure above. Most of the identified systems are based in the United States and belong to major communications companies. Sure, the footprint of this vulnerability is pretty small, but it's exactly the type of low-hanging fruit attackers look for - made all the more enticing by the organizations that appear to be most affected.
Sources:
Thanks to Peraton for this information
Sat, 20 Oct 2018 15:43:00 +0000
APT Group TeleBots Linked to Three Major Cyber Attacks
Advanced Persistent Threats (APT) are being recognized as one of the biggest cyber threats in the industry today. There are many groups globally behind the numerous attacks of this type in recent history. Three major cyber incidents that garnered global attention were the BlackEnergy power grid attack, the Industroyer power grid attack, and the NotPetya malware outbreak. However, what if the same APT group was behind all three of these attacks?
The BlackEnergy attack caused blackouts in the Ukranian power grid in December 2015. Industroyer, also known as CrashOverride, also attacked the Ukranian power grid in December 2016 and is the first case of malware designed to specifically target a power grid. After the BlackEnergy attack, the group behind it (also called BlackEnergy) became known as TeleBots and carried out attacks against the Ukranian financial sector, eventually culminating in the outbreak of the NotPetya malware. There was speculation in the cybersecurity community that the BlackEnergy and Industroyer attacks were both perpetrated by the TeleBots group but no evidence to support these claims. However, the discovery of another TeleBots malware, Exramel, by the ESET security group in April 2018 provided the missing link.
Exramel uses a backdoor that appears to be an upgraded version of the backdoor used by Industroyer. There are many similarities in the code, especially the list of available commands it can receive from its Command and Control (C&C) servers and the way each handles reporting and redirecting output streams. Each backdoor also disguises itself as an antivirus service for detection avoidance and groups targets based on their security solutions being used. The similarity between the two led the ESET researchers to conclude that it is unlikely to be a case of coincidental code sharing between threat actors.
Linking TeleBots to Industroyer shows just how much of a threat the group can pose, being the single entity behind three of the most groundbreaking and devastating cyberattacks in history. In addition, the recent claims from multiple governments that Russian military intelligence groups are behind TeleBots throws even more intrigue into the mix and leaves a daunting question: what could TeleBots be up to next?
Sources:
https://threatpost.com/notpetya-linked-to-industroyer-attack-on-ukraineenergy-grid/138287/ https://www.zdnet.com/article/security-researchers-find-solid-evidencelinking-industroyer-to-notpetya/ https://www.welivesecurity.com/2018/10/11/new-telebots-backdoorlinking-industroyer-notpetya/ Sat, 20 Oct 2018 15:32:00 +0000
KB4462928 - Critical Update for WS2016 Storage Spaces Direct Deployments
The 10C update for Windows Server 2016 has just been published, it includes critical updates for Storage Spaces Direct deployments and we recommend all customers aggressively adopt. This update addresses all top known supportability issues.
October 18, 2018—KB4462928 (OS Build 14393.2580)
Important Updates
Specifically, this update includes fixes for the following issues:
"Event 5120" with STATUS_IO_TIMEOUT c00000b5 after an S2D node restart on Windows Server 2016 May 2018 update or later
Virtual Disks resources are in No Redundancy or Detached status in a Storage Spaces Direct cluster
Thu, 18 Oct 2018 17:37:00 +0000
2018 NY Metro Joint Cyber Security WEBINAR
The 2018 NY Metro Joint Cyber Security WEBINAR will take place on Thursday
October 18th. NYMJCSC is now in its fifth year; featuring keynotes, panels and sessions aimed at various aspects of information security and technology.
This year will feature a webinar format allowing NYMJCSC to reach and educate a broader audience.
To register please go
hereConference Agenda
Time
Slot | Topic | Speaker |
2:00
- 2:40 | Behavior-based Internal Controls that Prevent Ransomware, Employee Theft, and Denial of Service attacks | 
| Jeffrey Wagar
Past President,
ISACA New Orleans Chapter
|
2:45
- 3:25 | Cyber Risk: It's All About People | 
| Alan Brill
CISSP, CFE, CIPP/US, FAAFS
Senior Managing Director,
Cyber Risk, North America,
Kroll (a division of Duff & Phelps)
|
3:30
- 4:10 | Cyber Dogfighting: Hacker Decision-Making and the Korean Air War | 
| Mathew J. Heath Van Horn
Assistant Professor,
SUNY Delhi School of Business
|
4:15
- 4:55 | Assessing Legal and Contractual Risk and Uncertainty with Bug Bounty Programs, Vulnerability Disclosures and Information Sharing | 
| Mark H. Francis
Partner - Tech & Data,
Holland & Knight
|
4:50
- 5:30 | "Not If but When?" - Leveraging AI to Jettison Mantras of the Past: How AI will Liberate Security of the Future | 
| John McClurg
VP & Ambassador-At-Large,
Cylance
|
Thu, 18 Oct 2018 16:14:00 +0000
