Cyber Security Landscape
About me
• Josh Pauli
• Associate Professor of Cyber Security
• Dakota State University (Madison, SD)
• 10 years and counting!

About DSU’s Programs
• We have 300+ students studying:
  • Cyber Operations (Cyber Security)
  • Computer Science

Cyber Operations
• Largest degree on campus (170 / 1200)
• Explosive growth in the last two years (55 in ‘11; 70 in ‘12)
• Want the best and brightest regardless of computing history
• A great mix of:
  • Programming
  • Networking
  • Operating systems
  • “hacking”!
  • Ethics
  • Critical thinking

Cyber Corps
• Full ride scholarships + attractive stipend
  • $35,000-40,000 per year
  • including $20,000 stipend
• Work for Gov’t agencies after graduation
  • National Security Agency (NSA)
  • Central Intelligence Agency (CIA)
  • Space and Naval Warfare Systems Command (SPAWAR)

Center of Excellence in Cyber Operations
• NSA wants the most technical cyber experts
• DSU was selected as 1 of 4 in the entire nation
  • Now 8 schools
• Only public institution in the nation
• Only program with dedicated Cyber Ops program in the nation
• Only undergraduate program in the nation

Cyber @ DSU
• Best Cyber Operations curriculum in the nation
• Cyber Corps scholarships to save over $100,000
• Top Secret security clearance before graduation
• Work on the top security projects in the world
• 25 years old:
  • Undergrad & Graduate degrees in Cyber Operations
  • Top Secret government security clearance
  • 2-3 years of experience in a Federal agency
  • Any job you ever want anywhere you want it
Today’s Rundown
• What’s technical social engineering (TSE)?
• Timeline of hacking
• AV is dead! Long live AV!
• How to prevent a TSE attack
• TSE in penetration testing
• Q & A

TSE != traditional social engineering
• It’s NOT:
  • Physical impersonation
  • Pretext calling
  • Dumpster diving
• Still good stuff; just not what we’re talking about today!

It is
• Relying on people being:
  • Gullible
  • Greedy
  • Dumb
  • Naïve
• And using technology to own them!
What’s this “owned” you speak of?
• Remote code execution
• Administrative rights
• Key loggers
• <<insert juicy payload here>>

We are actually pretty good at:
• Not clicking links
• Opening files
• Visiting websites
• But it only takes 1 person!
• This is why we can’t have nice things…

AV is good at what it does
• But it’s not enough
• Just one “layer”
• Signature-based = always behind
• How AV vendors work (simplified)
• Why security researchers giggle at this

In a word: You
• And only you!
• User Awareness Training
  • Currently a raging debate in InfoSec
  • Fear v. education
  • Punish v. reinforce

TSE is PT; PT is TSE!
• “Check the box” v. “Get after it!”
  • Timing
  • Scope
  • Price
• So this is red team?
• Who can actually do this?
Thanks for having me!
• Josh.Pauli@dsu.edu
• @CornDogGuy
• Happy to help any way that I can!