Since cybersecurity is definitely an issue that’s here to stay, I just checked out the recently released early episodes of Cato Networks. Cyber ​​Security Master Class Series.
According to Cato, the series aims to teach and demonstrate cybersecurity tools and best practices; provide research and concrete case studies on cybersecurity; and bring the voices and opinions of top cybersecurity thought leaders. Designed for security and IT professionals, C-level managers, and security experts, each session contains both theoretical and practical examples on strategic, tactical, and operational issues across a wide range of topics.
Classes are facilitated by Etay Maor, an industry-recognized cybersecurity researcher and keynote speaker, who is also Senior Director of Security Strategy at Cato. Four of the 8-10 annual planned episodes are currently available online.
- Episode 1, entitled How (and why) to apply OSINT to protect your business takes an in-depth look at our era of proliferation and over-sharing of data – people sharing too much information on social media; PDF and Excel files containing sensitive data in the open; and devices showing open ports and services.
- The public availability of all this information, which has increased with the increase in the remote workforce since the onset of COVID-19, makes Open Source Intelligence (OSINT) a real threat, as threat actors collect and identify data that can put businesses at risk.
- In addition to providing tips and tricks for a better understanding of OSINT, this master class explains how to apply OSINT tools (including free tools) to protect users, processes and technologies; and how Google Hacking, Shodan and Censys can be used to collect valuable data.
- As low-risk, high-yield ransomware attacks dominate the cyber threat landscape, the second episode Ransomware: Attackers, Defenders, and the FBI Perspective is very relevant. Exploring the history of ransomware attacks and the types of extortions used, it also offers important information on how to use security frameworks such as MITER ATT & CK. And there are some fascinating FBI ideas from guest speaker, SSA Doug Domin of the Boston FBI Criminal Cybersquad, as well as advice from the ransomware groups themselves on how to avoid attacks!
- We are probably all aware that deepfake technology is increasingly accessible, with attacks ranging from forging a video for ransom, to actual fraudulent transactions and national security incidents. In fact, the FBI recently issued a warning that deepfake attacks on organizations are an imminent threat. Master class episode 3, entitled From disinformation to deepfake, allows you to understand the different forms of information manipulation, such as voice synthesis, the exchange of faces and the control of puppets.
- Guest presenter Raymond Lee, CEO of FakeNet.AI, provides great examples and techniques on how to identify and mitigate deepfake threats, as it reviews different forms of information manipulation and deepfake levels (from cheap fakes to full fusion) and types of attacks using deepfake technology.
- Finally, did you know that the White House recently issued an Executive Order (EO) on improving US cybersecurity? Describing the various agencies and infrastructures deemed critical to the security of the nation, the OE asserts that “critical infrastructure” does not only refer to power plants, hydraulic installations and military systems, but also to the many digital systems on the site. which the nation relies on.
- With cybersecurity incidents targeting critical infrastructure – from food manufacturers to pipelines and government electronic health systems – and supply chain attacks on the rise, the fourth episode, Supply chain attacks and critical infrastructure: CISA’s approach to resilience provides an opportunity to understand if we are part of a critical system and what the government is doing to protect it.
- Ron Ford, Cyber ​​Security Advisor at CISA / DHS (Cybersecurity and Infrastructure Security Agency / Department of Homeland Security), presents CISA’s Cyber ​​Security Advisor mission and program. With Etay Maor, they discuss attacks on critical infrastructure and the supply chain; assess the scope of cybersecurity assessments – from strategic to technical; and the DHS “Misconceptions vs. Reality â€for the security of infrastructures.
So, is your data safe? While I can’t answer that for you, I can certainly recommend these master classes, which offer refreshing and enriching discussions on how to deal with real-world security topics, along with important ideas and practical tips from industry leaders and very cool guests. speakers. I am already looking forward to the next episode, in which I understand that they will welcome the CISO of Delta Airlines. Enjoy!
