A week does not go by without us hearing the term ransomware. The most recent case was the “WannaCry” cyber ransomware attack, which spread globally and has caused roughly $1 billion USD in damage and is still growing. It also infected approximately 300,000 computers worldwide. As we recover from this latest version of ransomware, let’s pause and understand what exactly this “ransomware” is that has all of us concerned.
Convergence explained. Three layers of security convergence. Strategy, People, Processes and Technology. Cyber Physical Systems, the IOT and blended security threats. Team response. Converged risks and common risk reporting. Cyber Risks of Physical Security and Building Management Systems explored. Recent examples of convergent work and technologies outlined.
James Willison is the Vice Chairman of the ASIS European Convergence/ESRM committee and winner of the Imbert Prize 2011 for his work on Security Convergence with ASIS Europe and the Information Security community including ISACA, ISC(2) and the IISP. As founder of Unified Security Ltd he works in the field of Security Convergence including HR, FM and other business support functions and is an implementation partner of CiticusONE risk management software. He holds an MA in Security Management from Loughborough University for his work on the convergence of Corporate and Digital Security. He is currently an Associate Senior Lecturer on the Post Graduate Security Management Programme at Loughborough University and regularly speaks at International Security Conferences including the ASIS European Security Conference, on Cyber Physical Threats, Converged Security and Enterprise Security Risk Management. He advises the Mitie TSM Board on Convergence and contributes to International Security Standards. In particular he co-ordinated the Convergence team on the ANSI ASIS Physical Asset Protection Standard which has sections on cross functional teaming and security convergence. He has twenty years experience in Physical and Information Security management, working with leading global organisations and involved in developing their security strategies. James is a member of the Security Institute and has written numerous articles on converged security risk management and contributes frequently to on-line security forums.Webinar Available Here
SOPHIA (Security Operations and Intelligence Analysis) converges physical and cyber data for Intelligent decisions to mitigate and detect cyber attacks and prevented others by ensuring the people, processes, and systems are protected with methods of resiliency.
SOPHIA is an globally accessible platform that provides an intelligent cyber and physical security management and critical risk software console.
SOPHIA will enable the security of all assets to be fully integrated. Every action becomes fully auditable with management information available at the touch of button, enabling your organization to have full visibility of security across all your locations.
Through SOPHIA’s salient, timely, accurate and filtered information feeds are automatically passed to selected staff 24/7. The management platform is mature and reliable. This ensures a comfort level that is meaningful and every part of a professional innovative security strategy.
SOPHIA is a suitable product for any corporation wishing to provide a consistent approach, an integrated security platform, the ability to measure / audit plus risk and cost reductions.
Among all of America’s critical infrastructures, the healthcare sector is the most targeted and plagued by perpetual persistent attacks from numerous unknown malicious hackers, intent on exploiting vulnerabilities in their insecure and antiquated networks in order to exfiltrate patient health records.
It’s no secret that the information security profession is lacking female minds. In fact, the 2015 (ISC)2 Global Information Security Workforce Studies study shows that women represent only 10% of the industry. Awareness is certainly improving, as evidenced by a recent increase in women-focused professional events. Yet, as the (ISC)2 studies have shown, the proportion of women to men has been stubbornly stagnant. The number of women in information security employment is growing, but only at the rate of growth equal to that of the profession as a whole. But what else can we do to improve momentum to ensure future success? Learn why networking, knowledge sharing and investing in the next generation are key to building a future for women in security, while also strengthening the industry as a whole.
Presenter: Ms Marci McCarthy:
Currently the CEO and President of Tech Exec Networks, Inc. (T.E.N.), an award winning technology and information security executive networking and relationship-marketing firm. As founder of the organization, she is responsible for driving the strategic direction of this widely respected, privately held company, remaining deeply engaged with a vast network of IT and information security professionals and solution providers.
Ms. McCarthy has more than 20 years of business management and entrepreneurial experience, including founding T.E.N.’s flagship program, the Information Security Executive® of the Year (ISE®) Program Series, which is lauded by the IT industry as the premier recognition and networking program for security professionals in the U.S. and Canada. In 2015, McCarthy launched ISE® Talent, a T.E.N. Company, which provides exclusive information security leadership talent management solutions.
Under McCarthy’s direction, T.E.N. has won numerous awards for offering programs that fulfill the need for security professionals to be recognized by their peers and exchange valuable information. In 2011, T.E.N. was an AMA Amy Awards finalist for its event marketing achievements. As a winner of the TAG 2010 Excalibur Award, T.E.N. was lauded for using technology to excel in their industry. That same year the company was announced as a finalist for the TechAmerica Spirit of Endeavor Awards, recognizing its leadership in technology education. In 2013, T.E.N. was once again named a finalist for the TAG Excalibur Awards.
Complimentary Registration and Additional Information Below:
Covenant Awareness, Training and Education Resource System (CATERS)
Our education and training program is designed to offer cybersecurity awareness training and certification programs to government, academia and the private sector, domestically and abroad. Our product line includes white papers, webinars, free courses, instructor-led and eLearning courses hosted on the Covenant Awareness, Training and Education Resource System (CATERS) learning management system. Please see our course catalog.
CATERS hosts our training marketplace which includes free courses through our partnership with The Defense Information Systems Agency (DISA). Upon registering for an account in CATERS students have 24/7 worldwide access to a variety of cybersecurity training and awareness tools. Watch “Cyber Security Training.” on YouTube.
Covenant offers training and tools of various sources to influence the security culture in business environments world-wide, unlike any other cybersecurity solutions provider.
Our mission is to:
- empower people (world-wide cybersecurity workforce)
- educate the cybersecurity community using strategically devised processes
- offer unsurpassed product line to promote cybersecurity awareness, training and education
- leverage partnerships to validate the power of collaboration in delivering relevant, real-world solutions through relationships that complement our uniqueness in strengthening end-to-end security and trustworthiness throughout cyberspace.
There’s strength in numbers; our strategic partnerships set us apart from other education and training providers and demonstrates how we complement each other. Our partners support CSS in fostering a marketplace community for the cybersecurity workforce. CATERS serves as a 1-Stop Shop for Cybersecurity Awareness, Training and Education resources and services.
Our goal is to:
- bring worldwide awareness to the importance of protecting our assets
- offer innovative, customized education to stakeholders world-wide on industry best practices
- ensure appropriate tools are available to promote the protection of assets in assorted environments
Through collaboration CATERS delivers value and educates the workforce by way of hosting awareness, training and education products that have been built and proven effective by the top talent in the field (iron sharpens iron). Our boots on the ground serve as subject matter experts in building our product line. We offer the total package enabling our cybersecurity workforce to work more effectively.
Vulnerability Assessment Service
Simple, fast i.e 7-10 business days, to provide actionable information one of your growing risk: Cyber.
Vulnerability Assessment Definition
A vulnerability assessment is a process that identifies, quantifies, and prioritizes (i.e., by the creation of a hierarchy) the vulnerabilities in an environment.
Our Vulnerability Assessment Service Identifies Your Security Weaknesses
Attackers gain access to and exploit your environment through vulnerabilities that exist across your systems and applications. Your risk exposure is heightened due to the fact that Internet connected applications and systems hold data that have an inherent monetary value.
- In 2013, 400 million credit card numbers, social security numbers, and other personal information were stolen1.
- Average cost of a US Data Breach: $5.4 million.
- Cost to US companies: $188 per compromised data record2.
Personally Identifiable Information (PII) such as birthdates and social security numbers, customer and client contact information, employee healthcare data, company plans and designs, intellectual property and competitive business information, and credit card numbers are easily converted to money by cyber criminals. These intruders are determined to obtain all data with a “street value” greater than the penalty they face if caught. A vulnerability assessment can help you understand where your protection is deficient and allow you to begin proactively eliminating intrusion opportunities.
The Covenant Security Solutions Vulnerability Assessment Service will illuminate defects within your network that can be utilized by attackers. Our certified security engineers will assess your organization’s susceptibilities by employing the best commercial and publically available tools as well as manual techniques. As risk assessment professionals, our experienced experts provide information assurance and security services to both private and public entities including the most highly classified operational systems within the Federal Government. While custom options are available, in general, our vulnerability assessment will evaluate your firewalls, routers, web servers, databases, and network connected devices.
What Our Vulnerability Assessment Service Will Do For You
Provide A Network Security Evaluation
Help your organization by testing for and discovering vulnerabilities and network security gaps combined with recommendations that will allow you to take specific steps to improve your security posture.
Answer Your Most Important Security Questions
- “What information security weaknesses do we have?”
- “How can we address our information security liabilities?”
- “What should we remediate first?”
- “Which issues are the most critical?”
Test Your External And Internal Assets
Externally testing your environment will reveal vulnerabilities exploitable by an attacker outside of your organization attempting to break in. Internal testing will expose vulnerabilities within the systems, applications, and network infrastructure that reside behind your trust barrier.
Help You Meet Your Compliance Requirements
Our Vulnerability Assessment Service can help your organization meet periodic compliance requirements by scanning your environment for vulnerabilities and providing a list of remediation objectives.START NOW
Other Services You May Be Interested In
- Risk Assessments
- Security Engineering
- Information Security Training
- Cyber Operations Support
1Cenzic 2014 Application Vulnerability Trends Report
2Poneman Institute 2013 Cost of Data Breach Study: Global Analysis