Hosted by the Cyber Security & Networking Research Group, Anglia Ruskin University, OWASP (Open Web Application Security Project) Cambridge Chapter & BCS Cybercrime Forensics SG.

This evening is part of a series of evening events aimed at raising awareness among local businesses and organisations of the issues of cyber security and cybercrime, the regulations and legislation organisations need to be aware of to protect themselves, and what is considered best practice in these challenging times.

Background

OWASP (Open Web Application Security Project) is a 501(c)(3) not-for-profit worldwide charitable organization focused on improving the security of application software. Its mission is to make application security visible, so that people and organizations can make informed decisions about true application security risks.

The Cyber Security and Networking (CSN) Research Group at Anglia Ruskin University has close working strategic relationships with industry, professional bodies, law enforcement, government agencies and academia in the delivery of operationally focused applied information and application security research. We have strong international links with professional organisations such as OWASP, BCS, ISC2, IISP & the UK Cyber Security Forum amongst others. The primary aims of CSNRG are to help the UK and partner nations to tackle cybercrime, be more resilient to cyber-attacks and educate its users for a more secure cyberspace and operational business environment.

These aims will be achieved by investigating the threats posed to information systems, understanding the impact of attacks, and creating cyber-based warning systems that gather threat intelligence, automate threat detection, alert users and neutralise attacks. For network security we are researching how to secure the next generation of software-defined infrastructures against application API and control/data plane attacks. Other key work includes computer forensic analysis, digital evidence crime scenes and evidence visualisation, as well as cyber educational approaches such as developing Capture the Flag (CTF) resources and application security programmes.

The BCS Cybercrime Forensics SG promotes cybercrime forensics and its use. It is of relevance to computing professionals, lawyers, law enforcement officers, academics and others interested in the use of cybercrime forensics and the need to address cybercrime, for the benefit of those groups and of the wider public.

Speaker Biographies & Abstracts

Aleksander Gorkowienko, Cybersecurity Trusted Advisor, Spirent Communications, “ICS/SCADA Security Workshop”

Abstract:

  • ICS/SCADA security in detail
    • Types of ICS/SCADA
    • Traditional security vs industrial security
    • Security issues vs safety issues
    • Attackers – who and what are they?
    • History of attacks on ICS
  • Why are ICS/SCADA systems vulnerable?
    • Security risks to modern ICS systems
    • Factors impacting the cybersecurity of ICS/SCADA
    • Supply chain security
  • How to improve ICS/SCADA security
    • Key security principle: defence in depth
    • Implementing security zones
    • Principle of least privilege
    • Breaking the famous air gap
    • Security policies
    • Standards related to ICS/SCADA security
  • What did we learn? / Q&A

Bio: Aleksander Gorkowienko is passionate about cybersecurity, with more than 20 years of practice in the business. His primary focus is ethical hacking, cyber resilience and education. Aleksander is also a practitioner; he has delivered and managed penetration testing services for years, specialising in the security of IoT and industrial systems. Aleksander is a senior consultant and part of the vibrant Spirent Security Labs team; he is also a security trainer and speaker. Aleksander believes that cybersecurity is never a one-time action - it is a continuous process which engages individuals and organisations at all levels and requires everyone to be aware of, and confident in dealing with, modern cyber threats.

Andrea Scaduto, Senior Penetration Tester and Software Engineer, JPMorgan Chase & Co. "Remediate the Flag"

Abstract: Developers aren’t born knowing how to code securely; more importantly, security is neither their passion nor their job! Old approaches, such as theoretical training, have not helped to bridge this fundamental interest and skill gap. RTF is an open source training platform for developers to learn and practise modern secure coding through practical, hands-on exercises. Its objective is to bring training so close to developers, and to make the experience so pleasant and interactive, that they willingly take on more training and learn useful security skills they can apply instantly in their everyday job. The RTF approach cements the concepts learned through the hands-on exercises, does not require instructors, and occupies the learner for minutes rather than hours, keeping engagement high.

This talk will present what RTF can do for the business, in four sections: Introduction, Installation, Live Demo (on basic exercises and the Exercise Hub) and SDK.

During the Introduction, the features of the platform will be presented, showing exercises, learning paths, tournaments and other core features. Exercises involve finding, exploiting and remediating vulnerabilities in the code of (intentionally) vulnerable applications. RTF uses an engine that live-tests changes to the code and checks their effectiveness, instantly telling the learner whether the code has been fixed and awarding points for completing the exercise. At the end of the introduction, the live demo will follow a developer running an RTF exercise in an isolated, DLP-friendly desktop environment accessed through the web browser. In that environment, developers learn how to identify and fix security issues using the same tools and technologies that are used in real life (IDEs, application servers, DBMSs, frameworks, etc.).

It will be shown how the platform provides step-by-step instructions, hints and resources to let the user work out the best way of remediating the problem.

RTF provides a gamified experience to maintain high engagement: users can assemble into teams, track their relative progress through a leaderboard, and unlock special challenges. Exercises are grouped into sequences of logically linked units, called learning paths, which allow a learner to become an expert in a topic in relatively small steps. When candidates complete a learning path they receive an RTF certification; certifications have an expiration date and can be renewed by taking refresher exercises during the year.

The last section will introduce the SDK, a command line interface for creating new exercises and publishing them on the RTF Exercise Hub. The Hub works as a marketplace from which new exercises can be downloaded with a one-click installation process. The talk will also discuss how the platform can be used to create time-boxed tournaments to engage a whole community, in which candidates from the same organisation compete to remediate security issues. Throughout the presentation it will be shown how metrics, provided at different levels of granularity, can quickly identify and help fill gaps in training results.

Bio: Andrea is a Senior Penetration Tester and Software Engineer with an MSc in Computer Engineering and several IT security certifications. He enjoys breaking, building and securing web and mobile applications. He has extensive knowledge of secure coding techniques and a focus on reducing the cost of fixing vulnerabilities at scale.

Provisional Agenda

  • 17:30 – 18:15 Registration & Refreshments (LAB006)
  • 18:15 – 18:30 Welcome from the OWASP Cambridge Chapter Leader, Adrian Winckles, Director of Cyber Security & Networking Research Group, Anglia Ruskin University (LAB002)
  • 18:30 – 19:30 Aleksander Gorkowienko, Cybersecurity Trusted Advisor, Spirent Communications, “ICS/SCADA Security Workshop”
  • 19:30 – 20:15 Andrea Scaduto, Senior Penetration Tester and Software Engineer, JPMorgan Chase & Co. "Remediate the Flag"
  • 20:15 – 20:30 Roundup & Close

The meeting will be held in the Lord Ashcroft Building, Room LAB002 (Breakout Room LAB006 for networking & refreshments).

Please enter through the Helmore Building and ask at reception.

Anglia Ruskin University
Cambridge Campus
East Road
Cambridge
CB1 1PT

Please note that there is no parking on campus.
Further information on travelling to the university is available from the university's website.

ARU CSNRG, OWASP Cambridge & BCS Cybercrime Forensics November Chapter Meeting
Date and time: 5 November, 5:30pm - 9:00pm
Location: Anglia Ruskin University, Cambridge Campus (address above)
Price: Free