All Videos Tagged CISOPlatform (CISO Platform) - CISO Platform 2019-03-20T01:50:28Z http://www.cisoplatform.com/video/video/listTagged?tag=CISOPlatform&rss=yes&xn_auth=no 5 Real ways to destroy business by breaking SAP Applications tag:www.cisoplatform.com,2015-02-09:6514552:Video:30292 2015-02-09T10:42:49.843Z pritha http://www.cisoplatform.com/profile/pritha <a href="http://www.cisoplatform.com/video/5-real-ways-to-destroy-business-by-breaking-sap-applications"><br /> <img alt="Thumbnail" height="180" src="http://api.ning.com:80/files/nLML9an*avretB5lwA6pTYpcm511hIjsCUtVTu4CPs-qHnmvFq3dUMAyIofHqNe-Z5t3ZutCkfq-qfJ33kO5PTBFhJxlaRMM/1110433750.jpeg?width=240&amp;height=180" width="240"></img><br /> </a> <br></br>Do you know where all the critical data of your company is stored? Is it possible for attacker to commit sabotage or espionage against your company by breaking into just one of your business critical systems? And if so - what kind of systems could be under attack? Is it easy to break them? Is it a myth that SAP systems could be accessed only… <a href="http://www.cisoplatform.com/video/5-real-ways-to-destroy-business-by-breaking-sap-applications"><br /> <img src="http://api.ning.com:80/files/nLML9an*avretB5lwA6pTYpcm511hIjsCUtVTu4CPs-qHnmvFq3dUMAyIofHqNe-Z5t3ZutCkfq-qfJ33kO5PTBFhJxlaRMM/1110433750.jpeg?width=240&amp;height=180" width="240" height="180" alt="Thumbnail" /><br /> </a><br />Do you know where all the critical data of your company is stored? Is it possible for attacker to commit sabotage or espionage against your company by breaking into just one of your business critical systems? And if so - what kind of systems could be under attack? Is it easy to break them? Is it a myth that SAP systems could be accessed only internally? Time has come not only to answer all of these questions. This time the real examples of different attacks on Enterprise Business application systems will be shown, based on eight-year research experience in that field. First of all we will cover all possible business risks related to each end every type of systems such as ERP, SRM, HR, Business Intelligence, PLM’s and Industry solutions so that every high level executive will get the full understanding of what could happen. After that, we will show examples of how easy is it to do such critical actions in different systems by exploiting vulnerabilities and misconfigurations from more business-related - such as Abusing SRM systems - to win the bid, for example. From frauds in HR system and salary-increasing to more technical things, such as drilling into corporate network via SAP Portal or delivering backdoors, which look like official updates via SAP Router. Our presentation will be the first to show real threats for business during those attacks with demo of the most interesting ones, and a guide to avoid them. BadUSB — On accessories that turn evil by Karsten Nohl tag:www.cisoplatform.com,2015-02-09:6514552:Video:30479 2015-02-09T10:40:27.381Z pritha http://www.cisoplatform.com/profile/pritha <a href="http://www.cisoplatform.com/video/badusb-on-accessories-that-turn-evil-by-karsten-nohl"><br /> <img alt="Thumbnail" height="180" src="http://api.ning.com:80/files/nLML9an*avpNSQdaj*rMjPgvqasGszuGU4X7z4EuH3DMVf*sqUHVYFegvU2jbP4RYB6q9ohfcDTKQlMz0scTDAFsrPgGYpIL/1110433562.jpeg?width=240&amp;height=180" width="240"></img><br /> </a> <br></br>This talk introduces a new form of malware that operates from controller chips inside USB devices. Peripherals can be reprogrammed in order to take control of a computer, exfiltrate data, or spy on the user. We demonstrate a full system compromise from USB and a self-replicating USB virus not detectable with current… <a href="http://www.cisoplatform.com/video/badusb-on-accessories-that-turn-evil-by-karsten-nohl"><br /> <img src="http://api.ning.com:80/files/nLML9an*avpNSQdaj*rMjPgvqasGszuGU4X7z4EuH3DMVf*sqUHVYFegvU2jbP4RYB6q9ohfcDTKQlMz0scTDAFsrPgGYpIL/1110433562.jpeg?width=240&amp;height=180" width="240" height="180" alt="Thumbnail" /><br /> </a><br />This talk introduces a new form of malware that operates from controller chips inside USB devices. Peripherals can be reprogrammed in order to take control of a computer, exfiltrate data, or spy on the user. We demonstrate a full system compromise from USB and a self-replicating USB virus not detectable with current defenses Ants and Elephants in the CISO's Office tag:www.cisoplatform.com,2015-02-09:6514552:Video:30577 2015-02-09T10:38:26.782Z pritha http://www.cisoplatform.com/profile/pritha <a href="http://www.cisoplatform.com/video/ants-and-elephants-in-the-ciso-s-office"><br /> <img alt="Thumbnail" height="180" src="http://api.ning.com:80/files/nLML9an*avrcmEAIcMRP4QqBPB9qo8pIqgthHiSM92SQL9jHIhcTSM0wWDyW5iyaJdm2uIP0dD5pT9PBeak*FscElRmDTsPV/1110433358.jpeg?width=240&amp;height=180" width="240"></img><br /> </a> <br></br>I will show how ISO 9001 and ISO 27001 can be used together to deliver business value and demonstrate to executive management and key stakeholders that you are exercising due diligence in protecting your organisation's information assets. The talk will briefly discuss the requirements of the two standards and show how ISO 27001 and ISO 9001 can be used to address both… <a href="http://www.cisoplatform.com/video/ants-and-elephants-in-the-ciso-s-office"><br /> <img src="http://api.ning.com:80/files/nLML9an*avrcmEAIcMRP4QqBPB9qo8pIqgthHiSM92SQL9jHIhcTSM0wWDyW5iyaJdm2uIP0dD5pT9PBeak*FscElRmDTsPV/1110433358.jpeg?width=240&amp;height=180" width="240" height="180" alt="Thumbnail" /><br /> </a><br />I will show how ISO 9001 and ISO 27001 can be used together to deliver business value and demonstrate to executive management and key stakeholders that you are exercising due diligence in protecting your organisation's information assets. The talk will briefly discuss the requirements of the two standards and show how ISO 27001 and ISO 9001 can be used to address both the tactical challenges of information security (the ants) as well as the strategic challenges of delivering business value (the elephants). How to Embed Risk Assessment into your Project Workstream tag:www.cisoplatform.com,2015-02-09:6514552:Video:30289 2015-02-09T10:35:01.417Z pritha http://www.cisoplatform.com/profile/pritha <a href="http://www.cisoplatform.com/video/how-to-embed-risk-assessment-into-your-project-workstream"><br /> <img alt="Thumbnail" height="180" src="http://api.ning.com:80/files/nLML9an*avpQLXxo3ErR57iHJw4BCIa1lNtuTy-ZqGGWiZVO-PVMqLmLogEpkAm7wRqsGNh4v0MZJy0eQQLbhP8K8Ea89w-2/1110433028.jpeg?width=240&amp;height=180" width="240"></img><br /> </a> <br></br>Embedding risk assessment into your project workstream by Michael Calderin - Security Officer, Bupa Global Latin America Position information security more… <a href="http://www.cisoplatform.com/video/how-to-embed-risk-assessment-into-your-project-workstream"><br /> <img src="http://api.ning.com:80/files/nLML9an*avpQLXxo3ErR57iHJw4BCIa1lNtuTy-ZqGGWiZVO-PVMqLmLogEpkAm7wRqsGNh4v0MZJy0eQQLbhP8K8Ea89w-2/1110433028.jpeg?width=240&amp;height=180" width="240" height="180" alt="Thumbnail" /><br /> </a><br />Embedding risk assessment into your project workstream by Michael Calderin - Security Officer, Bupa Global Latin America Position information security more s...