Event Recording
How a Shoemaker Stole the City Treasury and Ended up as a Social Engineering Legend
Click here to watch the recording of this session. You'll need to log in to watch it.
Cyber Security traditionally has been seen as the domain of Technology, with an expectation that the solution for cyber resilience has to be provided by IT – and we happily accepted this challenge and delivered numerous software and hardware solutions, design and development principles, policies and process controls.
However, as most successful cyber-attacks in recent time have started by targeting users with phishing emails or social engineering, raising awareness of their role in increasing cyber resilience is at least as important as providing “just a technical solution”.
This presentation will – based on example of a famous real robbery in Berlin – show how user awareness can become an important line of defence in cyber security.
When speaking about cybersecurity, Hollywood has made us think of hooded figures in a dark alley and real-time cyber defense while typing at the speed of light. However, proper cyber security means, above all, good, clean and clear security practices that happen before-hand and all day, everyday. This is particularly true for Identity and Access Management, which is a component of every domain within Cyber Security, and it's identified as a cause for more than 80% of data breaches. IAM is rarely about white-hat hackers counter-attacking an ongoing intrusion. It's mainly about a set of good practices, clearly defined processes and, overall, good hygiene in the way we manage our identities, our resources, our entitlements, and the way they relate to each other.
The growing prevalence of APIs presents security teams with an all-too-familiar problem - development can outpace security processes and protections, creating vulnerabilities that needs to be addressed. In this session, we will discuss how the security team can implement a phased plan to introduce visibility into your APIs, determine which APIs expose sensitive data and finally to build processes around how APIs are managed. In particular, we will discuss best practices, illustrated with real-world use cases for securing APIs without slowing down the speed of development.
