Cyber security is becoming a compliance issue for organizations, and for some organizations and professionals, compliance is becoming a nightmare. However, it is compliance that saves an organization from cyber threats, so understanding compliance from an effectiveness perspective is very important. The session will discuss compliance as a proactive measure, along with its advantages and challenges.
Banks are among the most mature industries from a cyber-security perspective, owing to their conservative approach to risk and their key task of protecting customer assets and trust. As part of this discussion, we can understand more about the challenges, best practices and future of BFSI with respect to ever-changing cyber threats.
Cloud computing security architectures and algorithms are going through turbulent times. Cloud products, platforms, processes and principles are being tested by attacks of various kinds. Cloud computing boundaries and barriers are expanding to new frontiers with the proliferation of digital tools and technologies. This session is a walkthrough of the fundamental axioms of cloud security, with reference to architecture standards and industry best practices, and covers some of the most pertinent attack vectors of recent times.
While customers are often attracted to the sexy security controls, most of the data breaches could have been alleviated by simply following fundamental security principles. This session is a deep dive into the world's top 10 data breaches and the lessons learned from researching them.
1. Threat actors and their TTPs – MITRE ATT&CK
2. Cyber attribution intro
3. Possible ways of cyber attribution – Infra reuse, code reuse and others
4. AI approach to malware analysis – pragmatically analysing thousands of malware samples to glean patterns
5. Infra Reuse – Network Graphs for correlation and campaign analysis
6. Code Reuse – API calls, functions, binary code overlap, etc.
7. Deception and misattribution
8. Real world scenarios and cases from recent work
© Copyright 2021, (ISC)² Bangalore Chapter. All Rights Reserved. (ISC)², CISSP, SSCP, CAP, ISSAP, ISSEP, ISSMP, CCFP, CSSLP, HCISPP and CBK are registered certification, service, and trademarks of International Information System Security Certification Consortium, Inc.