Check out Luise Freese’s sketch note from Paula Januszkiewicz’s keynote: Attacks of the Industry: A View to the Future of Cybersecurity
Paula Januszkiewicz is a CEO and Founder of CQURE Inc. and CQURE Academy. She is an IT Security Auditor and Penetration Tester, Cloud and Datacenter Management MVP and trainer (MCT), and Microsoft Security Trusted Advisor. She is also a top speaker at many well-known conferences including TechEd North America, TechEd Europe, TechEd Middle East, RSA, TechDays, and CyberCrime, often rated as number-one speaker. She is engaged as a keynote speaker for security-related events and writes articles on Windows Security. She drives her own company, CQURE, working on security-related issues and projects. Paula has conducted hundreds of IT security audits and penetration tests, some for governmental organizations. Her distinct specialization is on Microsoft security solutions – she holds multiple Microsoft certifications, and is familiar with and possesses certifications in other related technologies. Paula is passionate about sharing her knowledge with others. In private, she enjoys researching new technologies, which she converts to authored training’s. What is more, she has access to the Windows source code!
Are there any attacks that are effective, reliable and almost always work? Of course! Even though an organization manages well the infrastructure, patches are regularly installed, network is monitored – there are attacks that are still working perfectly as it is really a matter of misconfiguration rather than serious security vulnerability. Could cloud technologies help it? Are Office 365, Azure, Amazon Web Services etc. secure? How to measure it? Is it worth to move some of the services to the cloud and mitigate the risk of breach? The problem is that some infrastructure mechanisms relay on type of communication used within the attacks and they use it for the normal communication: single sign-on authentication, service accounts, network sharing etc. and in vast majority of organizations that can be leveraged! Join us during this session to become familiar with the biggest mistakes in infrastructure security that, from the attacker perspective, can be pretty much always exploited. You will leave the keynote with suggestions & ideas on how to reach the next level of security in your workspaces.
(Right click and open in a new tab for a larger image)