Defending Containers Like a Ninja: A Walk through the Advanced Security Features of Docker & Kubernetes

Today, with a few commands anyone can have containers running on their machine; at this point, they seem to be neither complex nor complicated to secure. However, the story dramatically changes when the ecosystem grows exponentially and now we have thousands of nodes that fulfill different roles, with different resources, running different applications, in different […]

Read more

Policy Implications of Faulty Cyber Risk Models and How to Fix Them

Bad security data leads to bad security policies; better data enables better policies. That, in a nutshell, is the thesis of this talk. To back that up, we’ll share a FUD-free and data-driven analysis of the frequency and economic costs of tens of thousands of historical cyber incidents, with a special focus on events that […]

Read more

The Paramedic’s Guide to Surviving Cybersecurity

The security world is fraught with cases of mental health issues, burnout, substance abuse, and even suicide. We live in a world of threats and responses that trigger the deepest parts of our psyche; with the barriers between “”online”” and the physical world constantly crumbling. While some deal in theory, many of us deal with […]

Read more

My Cloud is APT’s Cloud: Investigating and Defending Office 365

As organizations increase their adoption of cloud services, we see attackers following them to the cloud. Microsoft Office 365 is becoming the most common email platform in enterprises across the world and it is also becoming an increasingly interesting target for threat actors. Office 365 encompasses not only Exchange, but also Teams, SharePoint, OneDrive, and […]

Read more

Detecting Access Token Manipulation

Windows access token manipulation attacks are well known and abused from an offensive perspective, but rely on an extensive body of arcane Windows security internals: logon sessions, access tokens, UAC, and network authentication protocols, such as Kerberos and NTLM, to name a few. Furthermore, some of this information is not easily found and can be […]

Read more

Lamphone: Real-Time Passive Reconstruction of Speech Using Light Emitted from Lamps

Recent studies have suggested various side-channel attacks for eavesdropping sound by analyzing the side effects of sound waves on nearby objects (e.g., a bag of chips and window) and devices (e.g., motion sensors). These methods pose a great threat to privacy, however they are limited in one of the following ways: they (1) cannot be […]

Read more

Intelligent Network Security: A Paradigm Shift in Cybersecurity!

Cyberattacks are ever-evolving, increasingly using automation to morph and elude detection. Add to this an ever-expanding attack surface, the rapid growth of both cloud adoption and remote users, and a flood of new, hard-to-secure IoT devices. Clearly, the enterprise threat landscape has never been more challenging. Traditional manual and reactive security approaches are simply over-matched. […]

Read more

Level Up Your SOC: Meet CyBot, Our Open Source Threat Intel Chat Bot

Threat intelligence chat bots are useful friends. They perform research for you and can even be note takers or central aggregators of information. However, it seems like most organizations want to design their own bot in isolation and keep it internal. To counter this trend, our goal was to create a repeatable process using an […]

Read more

A Decade After Stuxnet’s Printer Vulnerability: Printing Is Still the Stairway to Heaven

In 2010, Stuxnet, the most powerful malware in the world revealed itself, causing physical damage to Iranian nuclear enrichment centrifuges. To reach Iran’s centrifuges, it exploited a vulnerability in the Windows Print Spooler service to gain code execution as NT AUTHORITY\SYSTEM. Due to the hype around this critical vulnerability, we (and probably everyone else) were […]

Read more

Mitigate Organizational Risk With Integrated Cyber Resilience

Threats have changed over the years and so have the targets. It’s not just your perimeter that is at risk, it’s your customers, your supply chain, your employees and your business reputation that could be easily tarnished with just one breach. In this session, we’ll discuss how and why you should consider an integrated approach […]

Read more

From Security Operations to COVID-19: Security AI State of the Nation, 2020

Many businesses are at a disadvantage when it comes to combating the bad guys. In cybersecurity today, there are too many threats, complex tools, and false positives– not to mention the lack of experienced security professionals – to defend your whole enterprise properly. Fortunately, technologies such as AI and analytics are here to help. However, […]

Read more

Dissecting Pandemic-Themed Malware and Threat Tactics

Threat actors have always played the game of emotions. Fear is the emotion they are using right now to lure users to click on an email or manipulate them to install an application. In the last four months, cyber criminals have used fear as their main weapon to compromise users by using pandemic-related themes to […]

Read more

Measuring Risk in 2020 – The Enterprise of Things Security Report

While cybersecurity teams work to address operational and functional gaps, cybercriminals develop attacks targeting the top areas of risk for a company. Using the Forescout Device Cloud, the world’s largest repository of connected device data, Forescout Research Labs analyzed the risk posture of more than 8 million devices to uncover detailed information about the greatest […]

Read more

Trends in IOT/OT/mIOT

Non-traditional operating systems are driving even more complexity to the security landscape. Whether it’s an IPCamera at a parking lot, a sensor on a conveyer belt or a control system kickstarting a nuclear reactor, these facilities need to be recognized by security. Defining and discovering these assets sets a new perimeter…utilizing their data safely is […]

Read more

Cloud First It for Dynamic Work

Okta has been supporting a remote workforce for years, but like many organizations we were not expecting a rapid shift to 100% remote work. Fortunately, our IT leaders had the secret sauce for a relatively seamless transition: a 100% cloud-based architecture. This session, featuring Okta’s IT leadership, will cover how Okta’s cloud-first IT strategy and […]

Read more

Evolving Your Security Culture

2020 has seen a significant shift in how businesses abruptly implemented remote working. With the massive surge of “Work From Anywhere” (WFA) and the information security challenges that came with it, there is a strong push to improve and modernize the security culture of organizations of all sizes, without compromising on collaboration and productivity. Join […]

Read more

How an XDR Approach Helps Speed Response & Improve MITRE ATT&CK Coverage

XDR is an emerging industry approach that extends EDR’s insight to a broad range of sources (endpoint, servers, network, email, and more). Join Trend Micro Sales Engineer, Peter Cresswell, to learn how the XDR approach takes advantage of detailed activity telemetry (not just alerts) from its sources, enabling more meaningful correlation and enabling rapid detection […]

Read more

SASE Success Behind-The-Scenes

SASE converges network, web, data, and cloud app connectivity and security, but implementing a true SASE architecture is a daunting task and there is no one-size-fits-all approach. Join Forcepoint Global CTO Nicolas Fischbach for insights on Forcepoint’s approach to delivering the industry’s first true data-centric SASE as well as providing steps for a practical approach […]

Read more

The Impact of Digital Transformation in the Face of Today’s Threats

Digital Transformation and the rapid need for supporting remote workers for digital business processes took every industry by storm. This change has presented new risks, unlike what companies have seen before, and has created the greatest loss of visibility for security, auditing, and quality control professionals since the emergence of the Internet. As companies continue […]

Read more

The Hunt is On!

“I do have are a very particular set of skills, skills I have acquired over a very long career. Skills that make me a nightmare for people like you.” – Bryan Mills (Taken) Wouldn’t it be nice if we all had the skills required to send that message to cybercrime actors? Wouldn’t it be nice […]

Read more

Building a Threat Intelligence Team From Scratch on a Budget

Budgets are tighter than ever during the COVID-19 pandemic and threat actors have only increased their malicious activity. This makes it difficult to start a new threat intelligence program, but it doesn’t have to be this way. In this talk we will teach you how to start a threat intelligence team from scratch using repurposed […]

Read more

Using Automation to Secure Your Remote Workforce

COVID-19 has already profoundly changed the way many of us work in security operations—including the necessary acceptance of BYOD (Bring Your Own Device). These devices make a tempting target for cybercriminals, and organizations are scrambling to beef up their perimeters. Learn the various solutions CIOs and CISOs are adopting to help address securing their remote […]

Read more

The Need for Speed: Collaborative Strategies for Accelerating Security Outcomes

While advances continue to be made in InfoSec practices and tools, attackers still seem to outpace defenders. Why? There is a plethora of industry knowledge about what should go into a mature security program, yet organizations still seem to struggle with how to go about building and evolving theirs in ways that provide real, tangible […]

Read more

Sophistication Advancements in Ransomware

Cyber attacks and specifically Ransomware continue to evolve and change the way the world does business. Over the last several years, actors performing ransomware attacks have increased their capabilities and sophistication which has resulted in more refined targeting, but also additional revenue generation. Josh will share some the most recent Canadian and Global attacks, as […]

Read more

Priority Intelligence Requirements (PIR) Are Not Just for Threat Intel Analysts

The Intelligence discipline has defined processes, analytical techniques, and procedures, but they are not only for Intel teams. The analytical techniques that have been cultivated, refined, and tested within the Intelligence cycle have been used for operational use to make teams more successful since they are adaptable. For example, Priority Intelligence Requirements (PIRs), are long […]

Read more

How to Talk to the Board About Cybersecurity

With the sudden shift of the global workforce from in-office to remote, IT teams quickly transformed their operations to accommodate the new realities of business — including large-scale adoption of work-from-home technologies, heightened activity on customer-facing networks, and greater use of online services. While these examples of agility allowed business to continue, they also greatly […]

Read more

A New Security Reality: Data IS the Perimeter

We all know that the operating paradigm in which business is conducted changes on almost a daily basis, yet the way we defend the sensitive data within our business has remained static for nearly 3 decades. Perimeter security is not sufficient, and that’s why we have embraced the concept of Securing the Breach by protecting […]

Read more

Understanding the Threat Landscape

Today’s attackers have abandoned the equivalent of sledgehammers for a quiver of custom arrows as they increasingly conduct extensive reconnaissance and choose weapons specifically tailored to exploit the defensive weaknesses they discover. Even worse, they have an ever-growing range of new or increasingly used vectors from which to choose. During this session, you will learn […]

Read more

Could Your Business Survive a Ransomware Attack?

Ransomware has been in the wild since 1983 but saw a steep rise with the advent of WannaCry in 2017 and is showing no signs of slowing down. In fact, we are seeing more breaches than ever before using this attack. It is important for everyone to understand how it works and how to avoid […]

Read more

Knowing Is Half the battle: Shared Responsibility and Secure Configuration in the Cloud

In this session, we will dive into the shared responsibility model that exists within the world of cloud service providers (CSPs). While the service providers take over much of the responsibility traditionally owned by IT teams, they also introduce new responsibilities that may create blind spots. We’ll look at how the CIS Benchmarks for CSPs […]

Read more

A Hackers Dream: Unmanaged Privileges

In times of crisis, good security practices are often the first thing to go. Organizations are being forced to revisit their “temporary” remote working policies and tools. An expanding remote workforce can increase your security risk, especially if your IT and Support employees use non-secure remote access tools as temporary measures. Are temporary remote access […]

Read more

Cyber Threat Intelligence and Today’s Complicated Cyber Security Environments

Threats to your organization can be overwhelming. Your Threat Intelligence shouldn’t be. Today, there is a huge and growing need for the simplification of threat intelligence. Security environments are already over-complicated and getting worse. In this session, you’ll learn how up-to-the-minute, relevant data can help you manage the risks associated with IT security threats, within […]

Read more

Don’t Be Afraid to Upgrade: Lessons of Speed and Security From High Performance Open Source Development

For the past six years, I’ve studied behaviors of 15,000 commercial development teams, 24,000 open source projects, and the community of adversaries attacking open source software supply chains. One thing is certain: when it comes to security, speed is king. In 2017, it took three days for adversaries to exploit new vulnerabilities discovered in open […]

Read more

AD Security vs Modern Attacks

Active Directory has been providing critical services and infrastructure to nearly every company, organization and even government agencies since Y2k. AD has grown with us, both in functionality and security but so have the attackers. Since AD contains information about all of our users – both standard and admins, touches and controls access to most […]

Read more

Zero Trust Security Starts With Identity

Some organizations have been embracing the “Zero Trust” security model, and others are still trying to decide what it means and whether it makes sense for them to try it. With the sudden need for more flexibility, scalability, and remote access, many of these enterprises have found themselves in unfamiliar territory without a map. In […]

Read more

SOC Automation: Faster Decision Making and Response

Security analysts spend two-thirds of their time on triage and investigation. Why then do most security operations teams only automate response? In this presentation, Andy Skrei will share his experience automating the end-to-end security workflow while leading security investigations at one of the world’s largest online retailers and through working with many of the world’s […]

Read more

CryCryptor, the Fake COVID-19 Tracing App That Targeted Canadians

Cybercriminals regularly use major newsworthy events as an opportunity to lure targets into their trap. The COVID-19 pandemic probably constitutes one of the most prolific and advantageous settings for the bad actors to launch their attacks: an anxious population, a digital transformation movement that pushed everyone online, high demand for goods that are no longer […]

Read more

A Brave New World – Attacks in the Age of COVID

The COVID pandemic has allowed attackers to exploit users with phishing attacks, ransomware, and other scams. FortiGuard Labs has recorded over 600 unique campaigns related to COVID cyberattacks per day. We will examine some of the top attacks, understand how attackers are creating the attacks, and the platforms they are targeting. Learn how attackers have […]

Read more

Detection Mastery – War Stories from the Hunters Side!

Threat Hunting is a rapidly evolving topic in cyber security. Armed with more than 20 years of enterprise and military experience, being on both red and blue sides – we plan to determine the approach to next generation detection.  The defending industry is shifting from Reactive to Proactive mode by deploying both Red Teams and Threat Hunters to constantly challenge […]

Read more

The fast and the FAIL 8

When it’s 2020 and all you can think about is how fricken awesome 2019 was, what better way to fill your time at a virtual conference than the 8th instalment of “oh, they’re talking about FAIL again” with the added special je ne sais quoi of 2020’s litany of FAIL. Join the yet to be […]

Read more

Submarines in Pirate Waters: Cloud Attack Strategies

For several years now, our application deployment and infrastructure constructs have changed. What have we done to help model and simulate what the attackers are doing on the internet? In this talk we will be discussing features found commonly in cloud environments, and specifically, Kubernetes based attack strategies that a group can simulate. The talk […]

Read more

Crown Jewels Lifecycle Management

Typically, business leaders find it challenging to provide oversight, guidance and act upon their organization’s Cyber strategy. To be able to make risk-informed decisions and invest judiciously in Cyber risk posture improvement, it is crucial to identify and effectively govern the protection of the organization’s Crown Jewels. I will provide a clear understanding of what […]

Read more

Solving Security’s People Problem by Expanding the Talent Pool

Cybersecurity issues are plaguing organizations large and small today, and not only due to technical issues. With the wide variety of tools available to cybercriminals, there is a significant need to introduce more qualified defenders to level the playing field. However, this is far from reality due to a well-documented skills gap – a problem […]

Read more

How to Store Sensitive Information in 2020

It goes without saying never ever store personal/sensitive information in clear text. It is also a well-known fact salting, hashing, or stretching your information can provide little protection against contemporary computer architectures and modern brute force attack constructs. Those abreast with this subject would have come across countless advocatory material suggesting using key derivation functions […]

Read more

Tech for Good, Maybe

Cambridge Analytica paid a data scientist 800k to develop an app called ‘This is Your Digital Life’. Facebook gave it a platform, and soon Analytica had the data necessary to influence the 2016 US election. So with it died any notion that technology is neutral; compute power just like any other kind is available to […]

Read more

DevSecOps: The Right Solution to The Wrong Problem

DevOps philosophies reduces the barriers between development and operations teams. Therefore, DevSecOps is when all three teams are working together in perfect harmony. DevSecOps is vying for the buzzword of the year and little else. In a PowerPoint slide, it’s a solid solution. But when put into practice, years of security team, communications challenges, and […]

Read more

Only After Disaster Can We Be Resurrected: Field Lessons in Cyber Incidents

Only after disaster can we be resurrected. While you’d think it’s wisdom from Gandhi or perhaps Buddha, it’s the insightful musings of fictitious character, Tyler Durden from the 1999 movie, Fight Club. This alter ego has it right. We can learn more from mistakes, errors or even disaster than we can from what went right. […]

Read more

The Great Hotel Hack: Adventures in Attacking the Hospitality Industry

Ever wondered if your presence has been exposed to an unknown entity even when you are promised full security and discretion at a hotel? The hospitality industry is a target nowadays for cyber threats. Hotels present many opportunities for hackers and other cybercriminals to target them resulting in data breaches accessing not only credit card […]

Read more

Common Flaws in Public and Private ICS Network Protocols

Industrial Control Systems / Supervisory Control and Data Acquisition (ICS/SCADA) are both the lifeblood of any critical infrastructure, and play an important role in any operation’s ability to communicate between various ICS components, relay sensitive data, or manage critical sensors and equipment. Due to the specific and unique needs of the industrial control industry, ICS […]

Read more

One Malicious Message to Rule Them All

As the world quickly transitioned to remote work due to COVID-19, companies were forced to make dramatic changes in how they operated. To keep employees safe and productive, companies adopted communication platforms like Teams, Zoom, Slack en masse. And while those tools fundamentally changed the way many of us work, they have also created new […]

Read more
Subscribe to the Sector Blog
Enter your contact information below to have future blog posts delivered directly to your inbox!