DON'T LEAVE CYBER SECURITY TO YOUR IT MANAGER - COMBATING EMERGING THREATS FACING SMALL AND MID-SIZED BUSINESSES
SUDESH KANNAN, PHD UNIVERSITY OF PHOENIX
& RON SEARLE BUSINESS CYBERSECURITY SOLUTIONS
Why don’t more small and mid-sized businesses (SMBs) take such steps to protect their most sensitive data assets? Companies cite that the lack of trained security staff and inadequate budgets are top barriers. However, given the enormous costs associated with a data breach, failing to protect against today’s dynamic threat environment could prove disastrous.
Cybersecurity at small and mid-sized businesses (SMBs) faces ever-mounting threats. The number of attacks is escalating rapidly and the emergence of new types of attacks is a business and technology reality. The current approach of simply using firewalls and anti-virus scanners is proving less effective every day, so a more holistic approach is needed.
There is no question that greater protection beyond the “traditional” cybersecurity tools is needed to solve the security problems of today. It is time for technology professionals to understand that security is a business policy and not a technology “product” to buy. Cybersecurity technology tools are just one of the many tools engaged to implement the security policies of their organization.
We will outline how to develop a standards-based security policy for any SMB. With this top-down approach you can create a security framework to prioritize your efforts to secure your organization from top to bottom. Our framework addresses both IT and organizational issues, which will help it be both cost effective and implementable.
We will also provide some examples of how others have approached this including a review of the NIST Framework for general business and the use of a Security Risk Assessment (SRA) for medical practices.
Sudesh Kannan PhD is a business security consultant and Business Faculty member at University of Phoenix and Associate Professor, Cybersecurity at University of Maryland at University College. His interests are Cybersecurity Awareness Training and Social Engineering.
Ron Searle has been the founder/President of PCS International since 1986, along with a number of other companies specializing in Managed Services and Infrastructure support (PCS International), Cloud Hosting (PCS Cloud Solutions), Cyber Security (Business CyberSecurity Solutions), and Cost Management Solutions (Savings Consulting Group). Ron’s education started at Purdue with a B.S. in Computer Science, and he continued his studies afterwards to complete his MBA, master’s in project management, MCSE, Private Pilot’s License, and dozens of technical certifications over the years.
Best Practices for Credit Card Security: PA-DSS and Other Approaches
Joel Dubin, CISSP, QSA, PA-QSA
CoalFire Cyber Security
Breaches of credit cards continue to be in the headlines. This presentation will provide best practices, in general, for securing credit card data both in the merchant environment and in payment applications. The Payment Application Data Security Standard (PA-DSS) from the Payment Card Industry Security Standards Council (PCI SSC) will be one framework for discussion. The presentation will show how best security practices, in general, lead to successful security reviews and PA-DSS assessments of credit card applications. Other types of credit card security, beyond PA-DSS, will also be discussed.
I have been a PCI Qualified Security Assessor (QSA) and PA-DSS QSA for almost a decade, and prior to that on the PCI review committee for a global bank, including overseeing the security of their credit card payment applications. I have reviewed payment application vendors from small mom-and-pop development shops to major global companies, and have conducted PA-DSS assessments in the U.S., Latin America, Europe and Middle East. I have also conducted PCI assessments and scoped architectures for PCI, PA-DSS applications and P2PE environments.
WIRELESS NETWORK FORENSICS
DR. HENRY HEXMOOR
SOUTHERN ILLINOIS UNIVERSITY CARBONDALE
With the proliferation of wireless networks, security is at odds with privacy and integrity. The presentation provides a broad overview of security strategies for wireless networks. Topics will range from intrusion detection and network security protocols to collaborative computing. Contemporary tools and techniques for wireless network security are reviewed.
Dr. Henry Hexmoor received the M.S. degree from Georgia Tech, Atlanta, and the Ph.D. degree in computer science from the State University of New York, Buffalo, in 1996. He taught at the University of North Dakota before a stint at the University of Arkansas. Currently, he is an Associate Professor with the Computer Science Department, Southern Illinois University, Carbondale, IL. He has published widely in artificial intelligence and multiagent systems. His long term and sponsored research include federal and state agencies and prime contractors. He is an IEEE senior member. His current interests include Cyber-physical systems, Wireless networks, Complex Networks, Multiagent Systems, cognitive science, Robotics, and Digital forensics.
NETWORK SECURITY: THE END USER CHALLENGE AND EVOLVING THREATS
DR. DAVID ANDERSON
In today’s increasingly digitized workplace personal computer literacy is a requirement. Individual computer security literacy is quickly becoming as important as computer application software literacy. While there is a school of thought that holds that coping with technology security issues is simply “picked up” through individual experience, current research of young adults and students indicates that 7 out of 10 frequently ignore IT policies, and 3 of 5 young adults and students believe they are not responsible for protecting information and/or hardware devices. There is a tendency to hope/expect any consequences from employee/student poor IT habits will be buffered by the organization’s Information Technology (IT) department. Post-secondary institutions have a vested interest in “biting the bullet” by assigning resources to the issue and ensuring that their students receive a minimum of personal computer security training just as they should ensure their graduates are computer literate in the use of business application software.
Doctor Anderson has earned the MCSE, CCNA, CIW Security Analyst, CIW Security Professional, CompTIA and other technical certifications and currently serves as an instructor/coordinator at Triton College. Doctor Anderson has the US Army's Airborne and Ranger skill identifiers. He has served as an instructor at the US Army Armor Center and School, Ft. Knox, KY, as the S-3, Operations and Security, US Army-Kuwait, as a Senior Systems Engineer for Allstate Insurance, and as a training advisor for the New Military Technology System Special Projects Group for Raytheon. He is the current leader of the US-based Bronze Star Medal Association. His most recent IT qualification is Securing Cisco Networks with Threat Detection and Analysis (Cisco exam 600-199), approved as a Department of Defense (DoD) 8570.01-M Certification.
Implementing an IoT Cyber Security Strategy in a Large Organization
Doug Hamilton, Sr. Director IoT Cyber Security
& Pritam Yadav, Lead Engineer
Hubbell Corporate Integrated Solutions Team
Hubbell, celebrating its 130th birthday this year, is a $3.5 billion USD company with diversified product and service offerings in the industrial, commercial, power and utility, residential, and oil and gas industries. Hubbell has largely grown over the years through acquisition. iDevices, acquired in 2017, represents the company's first consumer IoT products. Earlier this year Hubbell acquired Aclara, an advanced utility metering company that will expand Hubbell’s power and utility offerings.
These latest acquisitions, as well as organic growth, solidify the company's shift from limited connectivity offerings to IIoT and IoT offerings. This has prompted the forming of an internal corporate-wide product-focused cyber security group focused on tools and processes to ensure the products, services, and systems we offer are free of cyber vulnerabilities.
Today, we’ll share our journey to date and the methodology of this newly formed group, with an emphasis on the processes and tools we are evaluating to ensure cyber compliant products, software, and services.
I have held advanced development and research positions, most in emerging technologies, for nearly 30 years, the last 20 years in leadership positions. I have effectively recruited and led key technical teams at two leading OEM solid-state lighting (SSL) companies; the latter, Norlux (co-founder/owner/CTO), was acquired by Hubbell Inc. in July of 2013. I have presented on several technologies over the years and jointly hold five US patents, three within the solid-state lighting field, with four additional patents pending.
In my new role as the Senior Director of IoT Cyber Security on the newly formed corporate Integrated Solutions Team, I will be identifying and developing the processes and controls to ensure Hubbell’s digital IoT and connected platforms are protected from cyber threats. In my previous role as Director of Research and Development for Hubbell Lighting, Inc., I led technology initiatives, identified/researched future SSL technologies, and licensed/transferred new technologies to product groups.
Why you and Machine Learning are critical to securing today’s business
- Why you are critical to detection and response
- 8 easy ways to get compromised
- Why detection plays a key role
- Top Cyber-risks that were seen globally in the past year that made news
- Machine Learning and Artificial Intelligence
- Security Incident Monitoring - Machine Learning
- Machine Learning and how it helps today
- Fusion - Security Information Event Management (SIEM) and User Behavioral Analytics (UBA)
- Analytics Fusion - Machine Learning (ML) and User Behavior Analytics (UBA)
- Offense Prioritization – One way some SIEMs prioritize events
- Let’s pretend this was a real attack – walkthrough of a single email click
Thomas Lazarski has been the Information Security Engineering Manager for Ace Hardware since 2015. Founded in 1924, Ace Hardware has over 5000 stores in over 63 countries and has a global distribution and transportation system to support the company's vision of being the most helpful hardware stores on the planet. In his present role, Tom is responsible for the cyber security engineering environment to support the global organization’s vision.
Tom is a Certified Information System Security Professional (CISSP) and a Certified Information Security Manager (CISM), holds a Master’s degree in Business Administration and is a member of the Information Systems Security Association (ISSA) and Information Systems Audit and Control Association (ISACA) and ISC2.
Prior to Ace Hardware, he worked for Symantec in the role of Senior Systems Engineer where he provided security solutions and consulting to a global customer base. Past positions also include the Senior Director of IT and Security Operations for Apropos Technology where he helped grow the information security and technology operations from a small startup to a publicly traded company.
Are You Ready for the Next Perfect Storm? The Convergence of IoT, Blockchain, Better Data Analytics and AI
Era Transformation group, llc
Tremendous technology changes in recent years have made exponential leaps in the way we will communicate, interact and transact with each other for generations to come. The Internet of Things (IoT) has brought about the potential for low cost sensors on everything around us, on us and even in us. Blockchains and smart contracts with advances in encryption tools will provide for the immutable trust and transparency required to build the foundation of Web 3.0. The collection of all this data will provide startling context to how we behave and make decisions through Better Data Analytics. Advances in Artificial Intelligence through machine learning will change the way we interact with machines, our environment and each other forever. What does this mean to your business? What are the technology risks? Can you protect your business against cyberattacks? We have now entered the Transformative Age – are you ready to do business in the future?
Laszlo S. Gonc, CISSP, is a nationally recognized keynote speaker on cyber security risk mitigation, digital transformation and other technology forces disrupting businesses today. He is invited at organizations, professional associations, industry conferences and universities providing thought leadership on the state of cyber security, IT risk mitigation, strategy execution and helping companies “Go Digital”.
A member of Infragard, ISSA and ISACA, he serves as Chair of the Project Management Institute (PMI) Executive Council, Executive Vice President for the Chicago chapter of the Association of Information Technology Professionals (AITP) and Board Director for Society for Information Management (SIM) Chicago. In 2016, he helped launch the SIM International Cybersecurity SIG for senior technology leaders and continues to serve as Director of Strategic Programming and Content and webinar host, announcing their first annual national virtual Cybersecurity Conference in 2017. Laszlo is also co-founder of the Chicago Information Sharing and Analysis Organization (ISAO).
Blockchain and Blockchain Application Development: What It is, How It Works, Its Importance and Why It Is the Future of Computing and E-commerce
WILLIAM FAVRE SLATER, III, M.S., MBA, PMP, CISSP, CISA, SSCP, DCDP, ISO 20000, ITIL, IPV6
SLATER TECHNOLOGIES, INC.
Since the emergence of Bitcoin as the world’s leading “cryptocurrency” it has been met internationally with extreme reactions ranging from skepticism to fanaticism. An unexpected benefit of Bitcoin was the Blockchain Distributed Ledger. Smart people in Information Technology have begun to design and engineer applications that will efficiently, reliably, and inexpensively provide new levels of security, authenticity, control, and reliability that were not previously attainable in the commercial sector. This presentation is a prelude and rapid introduction to IIT’s very first Blockchain Development Class and explains these facets of this extremely important and rather new phenomenon. The outline is shown below:
- History of Money and Conventional Ledger Functions
- Tokenized Economy and Crypto Currency Concepts
- Bitcoin Basics
- Blockchain beyond Bitcoin
- Industries that will benefit from using Blockchain based solutions
- Blockchain Law
- Blockchain Technology
- Blockchain Databases
- Blockchain Security and Security Issues
- Ethereum Blockchain Technology
- Blockchain Limits and Challenges
- Examples of Real-world Blockchain Applications
- Examples of Real-world Ethereum Blockchain Applications
- How to Design a Blockchain Solution Project – an Organized High-Level Step-by-Step Approach
- Owner of Slater Technologies, Inc., and resident of Chicago, IL
- Currently a Senior IT Consultant, Project Manager, and Program Manager specializing in: IT Security, Information Security, Risk Management, Blockchain, IT Infrastructure Management, Data Center Operations & Development, IT Change Management, Application System Development, Technical Service Development, and Service Management
- An Adjunct Industry Professor at the Illinois Institute of Technology – for 10 years
- Mr. Slater nominated five IIT Student winners of the Illinois Technology Foundation’s Fifty for the Future Award
- Mr. Slater has presented at every Forensecure Conference since 2013.
- First Data Center Manager of Microsoft’s Flagship Cloud Data Center, the Microsoft Chicago Data Center in 2008
- Managed Data Centers at BP from August 2001 – November 2006, was also a Change Management Manager and a System Administrator during that time.
- Have achieved 80 IT-related certifications, including PMP, CDCP, CISSP, SSCP, CISA, MCITP, MS Project, Visio, MCSE 2003 Security & Messaging, MCSD, MCAD, MCDST, and MCT
- Data Center Technology Program – Marist College and the Institute of Data Center Professionals, February 2008 – Received the Certified Data Center Professional Certification
- M.S. in Cybersecurity – Bellevue University, Bellevue, NE (completed on March 2, 2013)
- MBA, University of Phoenix, 2010
- MS in Computer Information Systems, University of Phoenix, 2004
- BS in Engineering Technology with a major in Computer Systems Technology, University of Memphis
- Internationally published author & editor: Magazines, books, courseware
- Happily married (since December 2000) to Joanna K. Roguska, who is a professional web developer
- A former U.S. Air Force computer systems staff officer at Strategic Air Command Headquarters supporting the SAC Underground and SAC Battle Staff Command Control Communications Systems, July 1977 – October 1980
- Native of Memphis, Tennessee
85% OF APP STORE APPS FAIL OWASP MOBILE TOP 10: ARE YOU EXPOSED?
NowSecure continuously monitors millions of third-party mobile apps in the Apple® App Store® and the Google Play™ store for security, compliance and privacy risks. A comprehensive analysis of iOS and Android apps found that a staggering 85% of those apps fail one or more of the OWASP Mobile Top 10 criteria. Given that the average mobile device has over 89 mobile apps on it, what are the odds your employees have one or more of the apps and what’s the real risk to your business?
During this talk, mobile security analyst Tony Ramirez will review the massive data set, detail the areas of exposure and review mitigation recommendations. Mobile apps power productivity in the modern business; don’t let a few bad apps bring it down.
Tony is a former IIT Cyber Forensics and Security student, and now an industry professional working with NowSecure testing applications for iOS and Android. He has spoken in the past at IIT on a variety of cyber security related topics including application testing.
RADISHng: Building The Next Generation Cybersecurity Classroom
Don Nelson and Dawid Broda
ILLINOIS INSTITUTE OF TECHNOLOGY
RADISHng is the next generation of the RADISH virtual classroom environment that will provide the platform for applied research, laboratories and real-world content in the cybersecurity and forensics disciplines at the IIT School of Applied Technology. It blends the knowledge and experience gained from 15 years of experience and earlier versions of RADISH with significant enhancements. These enhancements are focused on two primary goals: providing a seamless, flexible learning experience and facilitating collaboration. All students inside and outside the classroom will access RADISHng through a common pathway, resulting in a uniform experience. The virtual environments will be configurable by instructors to be adapted to their specific curriculum needs and by students to aid in their research. Sophisticated online learning tools and equipment will be integrated to create a collaborative virtual classroom and laboratory setting. Schools and organizations will have the ability to collaborate and participate in applied cybersecurity research securely between their institutions. This presentation will describe the design and capabilities of RADISHng and provide a practical view of the process involved with making the system operational.
Don Nelson is currently a professor at IIT, and Dawid Broda is a former student and current staff member assisting with the Cyber Forensics and Security program.
Leveraging software engineers to turn threat information into usable data
Recent advancements in machine learning and big data analytics have compelled organizations to integrate these technologies in their threat intelligence lifecycle. However, while we now have lower barriers to accessing large amounts of data and increasingly sophisticated methods to interpret it, a critical question arises: has this improved the quality of the data available? This talk will focus on challenges organizations face in ensuring threat information is actionable and valuable and will provide a software engineer’s perspective on how to best capitalize on technical talent in order to reach this goal.
Irina Renteria is currently a Software Engineer at Rackspace Managed Security and contributes to building and maintaining tools and systems serving the Threat Intel team.
High-Security Passwords Without Computer
Illinois Institute of Technology
Computers are increasingly susceptible to being hacked, so that even password managers cannot be trusted sometimes. This talk presents a method to generate highly secure passwords for different logins through a human-computable hash. Attendees will be able to participate in an exercise and come up with their own variants of the method.
Francisco Ruiz is a professor at IIT's department of Mechanical, Materials, and Aerospace Engineering, but don't hold that against him. He has been interested in cybersecurity for a few years and is the author of the easy to use PassLok app, an improvement on F5 image steganography, and other things.
Smart Phone Eavesdropping
Joshua Kazanova, Akvile Kiskis, Alejandro Gomez
There is a major concern within the field of cellular technology that revolves around the threat of audio eavesdropping. Investigating this concern, in which applications have the ability to eavesdrop on the user via the microphone without their consent, is the main focus of this project. Through the development of our application and its process, which will include the testing of the microphone function, there will be a better understanding of detection, prevention, and limitation of Android applications as it relates to audio eavesdropping.
Image Tampering Detection
Shan Shazad, Fahid Wahid
As technology is quickly evolving, almost any image can be modified today. The detection of image manipulation is crucial because it can be used for legal evidence, forensics investigations, and in many other fields. This research will explore the ability to detect tampered images with specialized methods. These methods are addressed and implemented in software that detects images that have been tampered with.
Securing IoT With Blockchain
Reem Alzahrani, Chandana Dhavala, Satwik Gorre
The Internet of Things (IoT) is providing businesses in current and new markets with opportunities and competitive advantages. It touches everything - not just the data, but how, when, where and why you collect it. Blockchain technology can be a solution to deal with the growing number of IoT devices, privacy issues, and reliability. It can be used to track billions of connected devices, process transactions and coordinate between devices. It can also allow for significant cost reduction in installing and maintaining centralized servers, allowing for considerable savings to IoT industry manufacturers. Adopting a decentralized approach with peer-to-peer communication can be efficient in precluding a single point of failure and creating a more flexible ecosystem for IoT devices.
Virtual Assistant Privacy and Security
Ian Hernandez, Timothy Kang, Christopher Steinberg
With the appearance of many virtual assistants such as Google Home and Amazon Echo, many begin to question the privacy and security aspects of these types of technologies. Virtual assistants are always listening for specific keywords or commands before they begin executing their tasks. This can range from answering questions, to creating a list, or even queuing a video or song by communicating with other devices around the house. The questions that arise are: Are all our conversations, regardless of the keyword, being recorded and sent back to Google or other companies? Is the data that is being sent back encrypted and safe from unauthorized people? Is this data being stored temporarily or forever and what is it being used for? How secure are these devices? Are they vulnerable to known attack vectors? Are there other means of cracking into them? We attempt to answer these questions for Google Home devices. We monitor the network traffic and determine the extent that Google Home collects data. In addition, we attempt to deploy known vulnerabilities.
Abdullah Alanazi, Vavathar Mohammed Mudassir
Ransomware is malware which is designed to prevent access to a system or data until a ransom is paid. It is fast becoming one of the most menacing cybersecurity threats. Unlike other malware which is used to steal data, ransomware is used to hold data hostage until a ransom is paid. Ransomware does its dirty work without even making a single call to the internet. There are many variants of ransomware, such as ones which eliminate data recovery options by encrypting the data, delete the system restore points or even delete all the data dormant after a backup cycle. This project explores ways to detect, prevent and remediate a system affected by ransomware. Using software built using open source ransomware code, we develop a thorough understanding of how a ransomware attack works, determine common infection vectors, and finally propose mitigation strategies.
Isabel Jaramillo, Ryan Seeden, Ramachandran Vijayakumar
The primary aim of this research project is to develop a video steganography system that can embed and extract data from an MP4 video file using a Motion Vector technique. The MP4 format is widely used in today’s digital landscape; therefore it is a good choice for hiding data with steganography. Motion vectors divide each sequence of images into three types of inter-frames: I-Frame, P-Frame, and B-Frame, which can then be divided into macroblocks. An algorithm was devised to help determine how much data can be hidden while minimally affecting the playing of the video. Following this, covert information is embedded.
Alexandre Florent Pierr Buisson-Chavot, Steven Lambert, Sravani Shatdarsanam, Himani Solanki
The detection of covert channels is of main concern when it comes to the exploits of covert timing channels over the Internet. Detecting covert timing channels can be a difficult and exhausting process due to the high variation in legitimate network traffic. In this paper, we propose a regularity-based approach to detecting hidden messages in covert timing channels. Our approach is based on the observation that the variance of the inter-packet delays changes over time. It is true for most network traffic. However, the variance of inter-packet delays remains relatively constant if the encoding scheme remains unchanged. Our initial experimental results show that our approach can detect hidden messages.
Aneeshwar Botla, Yulli Chong, Sowmya Ibrahimpatanam, Olubunmi Oginni
This paper is an implementation of network steganography during a VoIP session. We are implementing two scenarios, the first being VoIP modification over two systems with a man-in-the-middle attack/ARP poisoning and the second being where two hackers are taking over a VoIP session between two random strangers on a network and modifying the audio. The proposed systems use X-lite as user agents and trixbox acting as the PBX server/SIP proxy. The SIP proxy will route the call to the user. Once the call is established, we capture traffic by ARP spoofing and use the vulnerability of RTP media and send stego packets (prerecorded audio in this case) while the original call will be muted. Once the recorded audio is played, the original conversation/normal call will continue. In both these scenarios the hacker can be the caller himself, who is using this session to send secret information, or he can take over a random VoIP session and use it for his advantage.