Cyber Security and You
Ethical Hacking Business Breakfast
Thursday 12 January 2017
Cyber Security and You Ethical Hacking Business Breakfast
Thursday 12 January 2017
Welcome from Chamber of Commerce
Alison Henderson
Chief Executive Officer
Chamber of Commerce
abertay.ac.uk
Cyber Security and You Ethical Hacking Business Breakfast
Thursday 12 January 2017
University Welcome and Introduction to
Ethical Hacking Team
Professor Nigel Seaton
Principal and Vice-Chancellor
Abertay University
abertay.ac.uk
Cyber Security and You Ethical Hacking Business Breakfast
Thursday 12 January 2017
Welcome from the Ethical Hacking Team and
Introduction to Student Demonstrators
Mr Colin McLean
Dr Natalie Coull
Lecturers in Ethical Hacking
Abertay University
abertay.ac.uk
Cyber Security and You Ethical Hacking Business Breakfast
Thursday 12 January 2017
Welcome from the Ethical Hacking Team.
Colin McLean, Natalie Coull,
Lecturers in Ethical Hacking
• Short introduction to Ethical Hacking at Abertay.
• A simple example of an “Ethical Hacking” mindset.
abertay.ac.uk
abertay.ac.uk
“Ethical Hacking” is an interesting term! • We examine hackers tools, tactics and behaviour
and THEN devise the most appropriate countermeasures.
• In the main, I teach how cyber criminals behave.
• Sounds a little odd but it is actually thinking about security in the normal way!
abertay.ac.uk
How would you break in?
Garage?
Window? Garage roof?
abertay.ac.uk
• The better we can think like the criminal – the easier it becomes to secure…
• Now we can think of the mitigations to these attacks.
• So this is what we do…..
abertay.ac.uk
World-wide job market….. • 2million people short in 2017. • 46% of jobs unfilled or filled with unsuitable people.
• Job market is largely vocational e.g. networking,
developing, support and testing.
abertay.ac.uk
Graduate destinations? NCC Group (x20), Firstbase (x4), Qinetiq, KPMG, Cigital, PWC, RBS, HSBC, MWR Labs, GCHQ, Tesco Bank, West point security, NCR, NTA Monitor, Mandalorian, Context IS, GFI Software, Pentest limited ,White Stratos, ECS Scotland, Netitude, Net-defence……
abertay.ac.uk
An example - Passwords • Eight or more characters .
• A mix of lower and upper case.
• At least one number (0-9)
• Here’s a great example a$5dQWER^%2eR!#
• Don’t do this. Don’t do that. Don’t do the next..
abertay.ac.uk
This leads to predictable passwords. • My daughter’s name is Wendy. She was born in
1994. What is my password???
• Wendy1994
abertay.ac.uk
Some positive advice…Methods. • Capitalise differently:
• weNdy1994 • Move the numbers:
• 1994weNdy or wen1994dy • Non-alpha numeric can be used intelligently
• (Wendy1994) , *wendy1994*, <wendy1994> • Duplicate:
• weNdy1994weNdy1994 • Add another word.
• wendy1994Dundee • A sentence:
• Wendy was born in 1994 or Wendywasbornin1994!
abertay.ac.uk
And more… • Colourise:
• TangerineColin1963 or Blue legged sheepdog • Exaggeration:
• December 32,1963 • Humour:
• Dyslexic man walks into a bra • Give yourself a title:
• Sir Colin the 94th • Slang:
• EhmColinNEhLikePehs • Insults! Smut!
• Think of your own….
• Combination of the above is a good idea…
Cyber Security and You Ethical Hacking Business Breakfast
Thursday 12 January 2017
Ethical Hacking Students
Demonstrations.
Niall and Peter
abertay.ac.uk
Cyber Security and You Ethical Hacking Business Breakfast
Thursday 12 January 2017
Mr Keith Brown MSP
Cabinet Secretary for Economy, Jobs and
Fair Work
Scottish Government
abertay.ac.uk
Cyber Security and You Ethical Hacking Business Breakfast
Thursday 12 January 2017
Vote of thanks
Blair Davidson
Director
Chamber of Commerce
abertay.ac.uk
Cyber Security and You
Ethical Hacking Business Breakfast
Thursday 12 January 2017
Top Related