This course introduces a series of advanced and current topics in cyber security, many of which are especially relevant in modern enterprise and infrastructure settings. The basics of enterprise compliance frameworks are provided with introduction to NIST and PCI. Hybrid cloud architectures are shown to provide an opportunity to fix many of the security weaknesses in modern perimeter local area networks. Emerging security issues in blockchain, blinding algorithms, Internet of Things (IoT), and critical infrastructure protection are also described for learners in the context of cyber risk. Mobile security and cloud security hyper-resilience approaches are also introduced. The course completes with some practical advice for learners on how to plan careers in cyber security.
Welcome Roger Thornton (Part 2): CTO, AlienVault
Loading...
Del curso dictado por New York University Tandon School of Engineering
Enterprise and Infrastructure Security
75 calificaciones
New York University Tandon School of Engineering
75 calificaciones
Curso 4 de 4 en SpecializationIntroduction to Cyber Security
De la lección
Blockchain, Anonymity, and Critical Infrastructure Protection
This module introduces several advanced topics in cyber security ranging from blockchain usage, user anonymity, and critical infrastructure protection.
Conoce a los instructores
Dr. Edward G. AmorosoResearch Professor, NYU and CEO, TAG Cyber LLC
Computer Science
Hi folks, Ed Amoroso again, we're back for
part two of my discussion with my friend Roger Thornton, the CTO of AlienVault.
So Roger, let me ask you about the cyber threat.
So what are the things that people running businesses, or governments, or
countries should be fearful of now in terms of assets and
infrastructure that sit on the Internet, that use software?
What are the threats that you see kind of brewing that are of concern?
>> Big question, right?
And a lot of attention to this on just about every facet of TV journalism.
I think the first thing we could probably do here is group these into
some various pockets, and the one that we will dive down on is the one,
as a practitioner trying to protect a business, you should be concerned about.
So broadly speaking, and I gotta say,
you definitely understand this topic [LAUGH] better than I.
So here's my attempt [LAUGH] to make sure I get it right, okay.
Broadly speaking, as a corporate entity, you've gotta consider a range of
threats from insiders, employees that have some malicious intent.
Somewhat amateur external groups that are involved in crime,
professional external groups that are involved in crime.
And then depending on the company you're in and what you do for a living,
you may very well have to deal with the nation-states trying to break.
>> Yeah, military attacks basically, right?
>> Maybe even from your own country that's eavesdropping on your customers.
>> Could be, yeah, true.
>> And you don't want that to happen.
The one thing that has to be said,
especially since a lot of these are college students, as an individual,
your privacy is something you should be concerned about.
And if you're young, in school, protecting your privacy from your peers,
protecting what you want to keep secret from your parents or
your loved ones, your employer,
is really hard to do if you're going to be laying it all out there on computers.
So if you use social network and all that stuff, you want to think about probability
that this stuff is going to be seen by everybody, now is at about 100%.
Gotta throw that out there when you're talking to younger people.
And then for governments, I mean,
you have that same threats that companies do.
Except the the degree to which the countries
are antagonizing each other using computer security, it's at an epic level.
Maybe it was like that in the past we didn't have visibility, but it's profound.
So if you're a company and you're trying to protect yourself against those threats,
first thing you gotta do is consider each of the various threats,
both from motivation and capabilities point of view.
And let me give you a good example.
[COUGH] Most of your employees are not terribly motivated
to harm the company they work for.
But a few of them might be, and they might be terribly motivated.
They might be people that you had to let go for a layoff or with someone who you
hired who wasn't a good person who would seek retribution.
So a small percentage of people who have enormous motivation.
Maybe not the greatest capabilities from a computer hacking point of view,
but access.
The threats that I think are some of the easiest to deal with are the criminal
threats, in that they're really just trying to make money.
So their motivations are fairly rational.
They don't want to get caught and go to jail.
And you can predict their behavior.
The threats I think that are the most troubling for
a business are groups that are attacking your business out of some
kind of zealous, desire to change to the world.
>> Philosophical.
>> Philosophical, harder to predict what they're going to do,
harder to know that they're there.
And just about any company
that operates today is going to have somebody that doesn't like them.
And so, if you're going to defend yourself, one of the best exercises is
to start off with is doing a real careful assessment of the kind of company you are,
where those threats may reside and what their opportunity may consist of.
When you do that,
you've got a general blueprint of how you're going to manage things.
But the next thing that you need, and it's partly what I do in my day job,
is you need to know, maybe it's a little bit like someone who trades stock.
You need to know what's going on in the market today.
What are the active campaigns?
What are the malware toolkits that people are utilizing?
What are the things that people in my sector are seeing?
What have I seen in the last week?
What things are kind of going out on the horizon?
And this unfortunately is a fairly complicated and expensive endeavor.
Very, very large companies will invest in teams that can do this.
If you're in a section of the economy that's deemed critical infrastructure,
you may very well get some help from the federal government in understanding
the threats down at the tactical level.
But for most companies around the world,
you're going to have to figure how to do it yourself.
And so that's what I'm dedicated to right now,
is trying to figure out a way that you can make that day in and
day out threat information available, ideally for free,
if not, through products that are reasonably priced.
I think a lot of the very big companies, very capable to take care of themselves,
but the average size company is really not.
And so one of the things that my company runs is we call the Open Threat Exchange.
The Open Threat Exchange is a free, crowdsourced system that,
anybody who is running a threat detection system,
we have a commercial one and we have an Open Source one.
All of our open source users, and a big percentage of our commercial users,
upload to the Open Thread Exchange what we call indicators of compromise.
And these are any measurable thing on a computer system
that goes along with a particular threat campaign or attack.
And these all get uploaded into central computing environment in the cloud.
Then people can log into that and collaborate with one another and say,
hey, you saw this, I saw this, but here I saw these 15 other things, too.
You should know about them because now I've got 16 indicators that tell me about
this guy.
You might upload another ten, and so on and so forth.
We bundle these things together in an entity we call a pulse, and then
through this system, people can publish pulses and send them out to each other.
That's all entirely free.
That sharing system is a way for us to allow the customer base,
who everybody, once you're a victim, you have the ability to see,
even if you don't have a fantastic security research organization.
You're going to see some indicators,
at some point after they crash through the door, and if you're generous enough and
smart enough, you're going to share those with your peers.
Because sharing with your peers allow your peers to now be aware of that actor.
But it's smart to share with your peers because they share with you.
Now a big body of you, you only need victim number one, and
a bad guy's found out.
And this is going back to the whole thing of cybersecurity is not an engineering
problem to solve, it's a crime to be managed.
>> Yeah. >> It's a never ending game.
There's always going to be the next attack that's based on some new piece of software
that has a vulnerability that slipped through the cracks.
>> Yeah.
>> And our ability to detect it once globally, and
not over and over and over again, is a big shift.
>> Saves time.
It's so nice to see your passion and your interest in this
technology and in this field, it's just very, very inspiring.
So on behalf of our whole community, I want to thank you for taking some
time to stop by our studio and share with us, and I hope you'll come back.
>> Thanks, I really appreciate it.
>> Great.
>> Everybody out there, good luck with the rest of the course,
and keep up the good work.
>> That's great, we'll see you on the next one, thanks.
Explora nuestro catálogo
Inscríbete de manera gratuita y obtén recomendaciones personalizadas, actualizaciones y ofertas.
Coursera brinda acceso universal a la mejor educación del mundo, al asociarse con las mejores universidades y organizaciones, para ofrecer cursos en línea.
© 2018 Coursera Inc. Todos los derechos reservados.
