Open Source Intelligence and Cyber Strategies for CSOs and Security Investigators
Tuesday 4 December 2018: 12:00-16:30
Place: Ritz-Carlton Vienna
Over two days, delegates are shown the reality of just how easy real cyberattacks can be – even those with the most devastating effects – and the implementation of simple measures to avoid catastrophic risk. The course is suitable for entirely non-technical officers as well as cyber managers and administrators who wish to develop a sound understanding of just how easy and low-tech the efforts of an attacker can be, and how to implement mitigation or who wish to upgrade their existing skills to become more cost effective for their organisation. The practical elements are comprehensively taught in a walk-through manner to demonstrate the vulnerabilities in realistic targets. A key theme running through the course is that of workforce vulnerability – no matter how well defended the organisation’s intellectual property is, the staff are the way in.
Day One – The Risk
Focuses on the mindset and techniques of the attacker, whether a cybercriminal, a state actor, a corporate spy or frivolous hacker. Students are equipped with tools and techniques to perform investigations of targets in the preparation for a notional attack, essentially becoming the hacker to demonstrate just how easy those attacks often are due to the visibility of staff and corporate data online.
Introduction to Cyber Risk
- “It’s not about the tech” – why the attackers’ techniques are surprisingly low-tech, and why the information security risk lies with the human workforce, not their computers.
- Real world examples of catastrophic attacks and the vulnerabilities in every organisation.
- One size fits all – the common vulnerabilities used by any attacker against any target: corporate, government and personal.
Part One – reconnaissance
Scoping a target. A practical module demonstrating to delegates how an attacker uses OSINT (open source intelligence) to obtain corporate data and personal details using nothing more than search engines and free, legal tools.
Part Two – Attack
- Compare and contrast of ‘technical’ attacks with low tech and no-tech hacking by social engineering.
- Teach a man to phish. Understanding the myriad ways an attacker uses the freely obtained data to quickly penetrate an organisation through simple influence.
The Persistent Threat of Leaked Data
The permanent threat to corporations that arises from leaks of staff data from breaches such as Yahoo – even when non-corporate in nature, and even when many years old. Delegates are show the surprising amount of leaked data online and what to do about it.
Wi-Fi – the Corporate and Personal Risk
The largely unknown risks of wi-fi, not only as a vehicle for corporate intrusion by attackers but also for tracking the physical movement of individuals and identifying their homes. A practical module in which students are walked through the steps of an attacker breaking into corporate wi-fi and tracking of staff members using freely available tools.
- Methods of communication.
- The threat from disgruntled personnel.
- Coaching and mentoring.
- Managing change.
Objectives of course – Designed for CSOs and Security Investigators
- Zero-to-hero teaching approach to tracking down internal and external threats to organisations through:
- Personnel tracking – assessing the vulnerability of the “good guys” (our staff and our senior management/CEO) and tracking down the “bad guys” (would-be attackers.)
- Techniques in finding accessible, sensitive corporate data before the attacker does
- Implementation of free and low-cost, non-technical tools and techniques for CSOs in the collection of potentially useful information for investigative purposes, bolstering investigative (and auditing) capacity at minimal expense with a range of open source tools and methods.
- Clear understanding of the utility of seemingly innocuous open source data in the hands of malicious attacker – whether a technical attack or phishing and social engineering, noting that most attacks take place by exploiting members of staff.
About the Tutor
North Cyber are team of former intelligence officers with expertise in covert online operations and digital forensics. The company teaches government and corporate clients how find and fix the unseen holes in their security. They specialise in all levels of capability including low-tech and no-tech hacking, using freely available information to circumvent vastly expensive but ineffective security systems. The teaching draws on many and varied real-world examples from the private and government sectors, from the perspectives of the attacker and incident responder. Participants in these courses will evaluate their own experience on the course in gaining additional skills and understanding of the threats to their organisation and they will gain confidence in tackling these catastrophic risks to the comparate or government operation.
Resilience Communications Training – Media, Brand Protection, Crisis Governance
Tuesday 4 December 2018: 12:00-16:30
Place: Ritz-Carlton Vienna
Module 1 – New Threats – covers on new threats to energy and critical infrastructure, railways, aviation, shipping and ports, construction of buildings and to the financial and government centres of major cities. Catastrophic hazards that often generate media inquiries include internal issues within the corporation or government department, large transformation projects, major infrastructure construction, terrorism, cyber- attacks, extreme weather events, insider threats, security, organised crime and fraud and events such as Brexit, North Korea’s nuclear weapons programme, mass population movements, and military exercises close to national borders.
- Overview of regional and local threats to infrastructure and business
- New threats- cyber, terror, energy, transportation, leisure, finance and banking, building security
- Emerging events – Nation State hostilities, climate change and severe weather, Brexit,
- Interpreting threat intelligence and other information
- Situational awareness
- Crisis phases and human reactions
- Critical timelines for Internal and External Communications
- Team building for successful communications
- Cues, Signs and Symptoms
- When should Warnings be given
- Redressing Errors
Module 2 – Optimising Communication Strengths is a practice session for all the participants to identify their strengths in contributing to a media and brand resilience process. This could be gathering information and team leadership or presenting information to internal staff, stakeholders or preparation of information for spokespersons to use in media statements.
- Practice session for all attendees
- Case studies chosen are relevant to attendees’ industry sectors
- Building trust with the team and the media
Module 3- Governance for Crisis Communications brings together all the phases of a catastrophic event with new governance principles that will assist in reporting after an incident on how processes were successfully managed to contribute towards the brand protection and resilience operations of the organisation.
- Governance Principles relevant to the Communications Plan
- Analysing Feedback
- Brief Messages
- Regular timing of messages and trust building
- Recognising hostility and reducing tensions
- Assessing effects on the Brand and reducing losses
- Course Summary and Evaluation
- Individual completion of self-evaluation of changes in skill levels Modules 1-3
About the Tutor
Dr Sally Leivesley is an expert in catastrophic risk and security for protection of life and critical infrastructure. She provides around 100 interviews to media a year on extreme events and communicates on public safety issues. She has been providing commentary to the BBC World Service and many other media outlets since 9/11 and commenced her media communications work when tasked with recovering a city after a severe weather disaster. Her media work includes real time commentary during extreme life threatening events such as the Beslan school terror attack and in the immediate aftermath of terrorist and other incidents such as the flight MH17 aviation incident, Mr Litvinenko’s radiation poisoning, natural disasters, threats such as DPRK nuclear programme, terror attacks in France and Brussels, Britain’s 7/7 and 21/7underground rail terror attacks and she covers most major incidents of importance to the public in any year. She has worked in catastrophic risk assessments and training within critical infrastructure covering many industries including energy, petrochemicals, rail, aviation, shipping, banking, government emergency planning and nuclear, chemical, biological and radiological incidents. (www.Newrisk.com Recent Media Commentary).