In The Media
Canadian Collegiate Cyber Exercise
A Little Bit of Canadian Cyber Security History in the Making
Janet Cloud ICD.D MBA CMC BSc
This week I was lucky enough to participate in a little bit of Canadian cyber security history. The first annual Canadian Collegiate Cyber Exercise (C3X) kicked off at George Brown College. This was the brainchild of Lee Kagan and Ben Czepita-Wells of RedBlack Cyber Security, a local cyber security startup. This is the first competition of its kind for colleges in Canada...
swim with sharks
Traditional wisdom says: You wouldn't jump into the deep end of the pool without some swimming lessons first would you? Sure, you might learn a lot, but then you drown. That hardly leaves you with the chance to implement what you've learned. How about we throw sharks in the water as well? You'd better be a fast learner.
But, what if you could simulate that whole experience like a video game - take a virtual plunge into the dangerous waters of the web and see how you fare against its most menacing inhabitants? Then, (replay) look back on the event to scrutinize your performance with the goal of improving your proficiency...
The 1st Annual Canadian Collegiate Cyber Exercise: C3X
The Canadian Collegiate Cyber Exercise (C3X) is designed to develop, broaden and enhance the skills base of the next generation of cyber security and ICT professionals. The concept in brief: The students were tasked with defending a “simulated” corporate network from intrusion and exploitation by a red team comprised of cyber security pros with sophisticated skills...
the frog in a pot analogy
It seems like businesses have become hypnotized by the complexity of the cyber security landscape. There is no doubt it is an intimidating topic, from everyday admin users and IT personnel to C-Suite decision makers - the facts and more importantly, the solutions often seem so murky that taking a positive step is near impossible. Paralyzed by fear of financial costs that can be incurred without a clear ROI, or wading into waters we're unfamiliar with; businesses settle for bandage solutions or half-measures and hoping for the best. But, this lack of acknowledgement of the problem only serves the criminal element that exploits it...
rogue team benefits
If you have been following the recent cyber insurance cases in the U.S. involving Columbia Casualty Company v. Cottage Health System or Travelers v. Federal Recovery Services you may have noticed that the cyber coverage purchased by the insured may very well be voided. The reason, "failure to adhere to certain basic security practices was the cause of the data breach and subsequent loss." This constituted a lack of due care. "Due care" - according to legal definitions is “the degree of care which a person of ordinary prudence would exercise under the same or similar circumstances.”...
RedBlack has made community involvement and education a core philosophical tenet of our operations.
Whether lecturing at colleges, speaking at security events, or contributing to blogs, forums, or initiatives—our philosophy at RedBlack is that each member of an organization can, and should play a critical role in keeping the organization secure.
Our aim is to help improve every individual within an organization's comprehension and capability, thereby improving the entire organization’s overall security posture. Security can be as complex as writing a firewall rule or whitelisting IP's to recognizing and escalating a phishing email to the security team or point person.
BOOTCAMPS & WORKSHOPS
- Intensive technical training sessions
- Phishing and Social Engineering
- Open to any level of security personnel
- Coming soon...
RedBlack Canadian Collegiate Cyber Exercise (C3X) - An advanced Red vs Blue War-game combining Ontario College Students; working alongside Professors, Instructors and cyber defense/ICT Industry professionals, acting as mentors to the students during the course of the exercise; providing the students with insight, support, advice and guidance. The exercise gives students a chance to flex their in-class learned skills a tense, but supportive and fun environment.
Live Speaking Engagements from RedBlack Security Services:
- BSides TO: Red vs Blue Ping Pong
- BSides ROC:
- MaRS CISO Summit: Canadian Collegiate Cyber Exercise (C3X) goals and benefits
- Engineers Without Borders: Social Change and Youth Leadership Conference
- Toronto Cyber Security Meetup: Intro to Threat Emulation
- George Brown College (Professional Advisory Committee) T401, T407
- TASK Toronto: Attacking Windows Infrastructures
- DEFCon 416: Offensive Tool Agnostics
- Sheridan ISSessions:
- Threat Emulation Conception and Execution
- Failing Up
- Offensive PowerShell
- Rogue Team Organization, Tactics + Benefits
Podcasts, Interviews and Blogs:
- Black Hills
- ISACA Montreal:
- CTV News Consumer Reports
- CTV National News: Bank of Montreal: Breach story and interview with RedBlack Security about fallout and dangers from breach
- Coming Soon.... @InvokeThreatGuy Podcast: First four interviewees lined up / recording in progress