IISP East Midlands – Cyber Attacks & Live Hacks

24 Sep

On Sept 18th, Nexor and De Montfort University hosted the inaugural meeting of the Institute of Information Security Professionals (IISP) in the East Midlands. Twenty-five delegates were treated to a presentation and demonstration by Jay Abbott (Managing Director of Advanced Security Consulting Limited) on how easy it has become to play the role of a bad guy in Cyber Security.


The evening started with a slight delay while people fought with the local traffic, but the delay enabled delegates to visit the Cryptographic exhibition at De Montfort – an unexpected but excellent opportunity. The meeting proper started with an introduction from Colin Powers handing over to Jay.

Cyber Attacks & Live Hacks

Jay’s presentation explored how the key difference between good and bad guys was motivation, then went on to demonstrate a tool called Easy Creds showing how easy it was to set up a fake wireless access point, and use this to capture username / password and authentication cookies from unsuspecting mobile device users. Jay concluded with a perspective on how to defend systems against the easy-to-deploy threat.


Watch the presentation on YouTube.

A discussion then followed (not on the video), which largely focused on how do we as security professionals, in the light of such easy-to-deploy tools, get the attention of our respective companies, and ultimately boards, to accept the threat is real and investment needs to be in protecting the business from the effects of such threat.

What next for the IISP in the East Midlands

Following the discussion, the evening concluded with me leading a discussion on how to take the IISP East Midlands branch forward. My take away from the discussion was there is a real need and desire for a regular forum in the region, and some excellent ideas of topics were put forward with offers of venues. Encouraged by this we will certainly look to move forward.

Follow @IISPEastMids to keep informed of the plans as they evolve.

Credits

To get to this point with the IISP East Midlands has required the support and encouragement of a lot of people, dating back two years.
The key players have been Clinton Walker who allowed me to use the Talk*infosec event as a launch pad and sounding board. Tim Watson at De Montfort, who acted as the main catalyst – I briefly mentioned the concept to Tim earlier this year, and before I could take a second breath found myself in planning phone conferences with the IISP. Finally Colin Powers and Irene Dovey from Nexor who responded admirably to my call for help with sorting out the details, and I’m pleased to say they have agreed to be at the forefront of driving us forward.

Please keep your feedback coming, via the comments box below, as to what you would like to see from the East Midlands IISP branch, and how we should take it forward.

One Response to “IISP East Midlands – Cyber Attacks & Live Hacks”

  1. Steve Kingan September 30, 2013 at 09:01 #

    Great to see a cyber-forum addressing the needs of enterprises in general rather than just the security industry itself.

    Like

Please join the discussion, we welcome your views...

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: