What is Cyber Security?

A couple of days ago I posted a question in the Cyber Security Forum Initiative (CSFI) Group on LinkedIn about the definition of Cyber Security.

Here are some some answers:

Cyber Security1 Cyber Security2 Cyber Security3 Cyber Security4

 

5 Ways Social Media Will Change The Way You Work in 2013

Social media is getting more important in the workplace in 2013. Here are 5 ways social media will change the way you work in 2013.

  • Social media goes company-wide
  • Email use declines as better communication channels open
  • Social media command centers become mainstream
  • Social media compliance becomes a priority
  • International and niche social networks present new challenges

Read the full article from Ryan Holmes (CEO of Hootsuite, a social media management system) on Forbes.

 

 

 

Cyber Security, Companies like yours!

Cyber Security, Companies like yours!

Last week Vincent Olsthoorn (http://www.linkedin.com/pub/vincent-olsthoorn/15/a42/952) gave a presentation about cyber security during a NCIM TechTalk.

Here are the presentation slides (in Dutch)

20121201 security 101 – vincent olsthoorn from Harold Kasperink

Vincent started with explaining some common definitions like malware, fishing, baiting, vulnerability, exploit, zero-day and social engineering. Most of the definitions are explained in http://en.wikipedia.org/wiki/Computer_security

Vincent came with an example on how a determined hacker might attack a specific organisation with an online IT service in order to retrieve secret information. The first step will be passive information retrieval on all sources he is able to find. For example this includes searching for job vacancies containing technical details that already could point on vulnerabilities to attack. Step 2 will be scanning all public services on the front-end layer to get a better understanding of the network infrastructure and the software versions that are used (OS, Webserver, database etc). This is necessary for the third step: finding vulnerabilities to exploit.

A good hacker knows which tool to use for the job. Products like ‘Nessus’ might be helpful to point out vulnerabilities on popular software. But also testing the website for Cross Side Scripting (XXS) and SQL injection includes vulnerability testing and finally also exploiting. Exploiting a vulnerability can range from packet sniffing; causing inaccessibility for users; take over the admin user or even get shell access to server. For self-preservation, the hacker will clear all the traces he has caused during exploiting, including log files.

The OWASP (Open Web Application Security Project, http://www.owasp.org) is a worldwide not-for-profit charitable organization focused on improving the security of software. It gives organisations and individuals guidelines on how to deal with web application security risks.

There are a lot of stolen username/password combinations that can be downloaded from various websites. It is important to change your password often. Vincent started a discussion on the question which of these two password is less sensitive to be brute-forced:

[email protected]  or  olifantbradwurst?

Opinions were divided between multiple attendees.

Vincent finished his presentation with a short film about cyber security created by Deloitte (http://www.deloitte.com). The movie gives you an insight in the world of Cyber Security.

Cyber Security Movie: Companies like yours!

 

 

 

 

EXO U, The Class of the Future

Here is a video about the EXODesk, a multitouch tablet that is used to create the class of the future. This is how our kids will learn in the near future.

Watch the video