In The Media
Canadian Collegiate Cyber Exercise
A Little Bit of Canadian Cyber Security History in the Making
Janet Cloud ICD.D MBA CMC BSc
This week I was lucky enough to participate in a little bit of Canadian cyber security history. The first annual Canadian Collegiate Cyber Exercise (C3X) kicked off at George Brown College. This was the brainchild of Lee Kagan and Ben Czepita-Wells of RedBlack Cyber Security, a local cyber security startup. This is the first competition of its kind for colleges in Canada...
swim with sharks
Traditional wisdom says: You wouldn't jump into the deep end of the pool without some swimming lessons first would you? Sure, you might learn a lot, but then you drown. That hardly leaves you with the chance to implement what you've learned. How about we throw sharks in the water as well? You'd better be a fast learner.
But, what if you could simulate that whole experience like a video game - take a virtual plunge into the dangerous waters of the web and see how you fare against its most menacing inhabitants? Then, (replay) look back on the event to scrutinize your performance with the goal of improving your proficiency...
The 1st Annual Canadian Collegiate Cyber Exercise: C3X
The Canadian Collegiate Cyber Exercise (C3X) is designed to develop, broaden and enhance the skills base of the next generation of cyber security and ICT professionals. The concept in brief: The students were tasked with defending a “simulated” corporate network from intrusion and exploitation by a red team comprised of cyber security pros with sophisticated skills...
the frog in a pot analogy
It seems like businesses have become hypnotized by the complexity of the cyber security landscape. There is no doubt it is an intimidating topic, from everyday admin users and IT personnel to C-Suite decision makers - the facts and more importantly, the solutions often seem so murky that taking a positive step is near impossible. Paralyzed by fear of financial costs that can be incurred without a clear ROI, or wading into waters we're unfamiliar with; businesses settle for bandage solutions or half-measures and hoping for the best. But, this lack of acknowledgement of the problem only serves the criminal element that exploits it...
rogue team benefits
If you have been following the recent cyber insurance cases in the U.S. involving Columbia Casualty Company v. Cottage Health System or Travelers v. Federal Recovery Services you may have noticed that the cyber coverage purchased by the insured may very well be voided. The reason, "failure to adhere to certain basic security practices was the cause of the data breach and subsequent loss." This constituted a lack of due care. "Due care" - according to legal definitions is “the degree of care which a person of ordinary prudence would exercise under the same or similar circumstances.”...
RedBlack has made community involvement and education a core philosophical tenet of our operations.
Whether lecturing at colleges, speaking at security events, or contributing to blogs, forums, or initiatives— the philosophy at RedBlack is that each and every member of an organization can, and should play a role in keeping the organization secured. By empowering every team member with both knowledge and clarity of the modern threat environment, the likelihood of an attack penetrating your organization decreases, and the window of time to identify that attack decreases too. Giving your organization more time and resources to recover.
Our aim is to help improve every individual within an organization's comprehension and skills , thereby improving the entire organization’s overall security posture. Security can be complex, not everyone on the team can write a firewall rule or whitelist IP's; but every team member can learn to recognize and escalate a possible phishing email to the security team. Small acts by each member of an organization can make a huge difference in overall security.
BOOTCAMPS & WORKSHOPS
- Intensive technical training sessions
- Phishing and Social Engineering
- Open to any level of security personnel
- Coming soon...
RedBlack Canadian Collegiate Cyber Exercise (C3X)
An advanced Red vs Blue war-game with Ontario College Students from a variety of cyber security and ICT programs; working alongside Professors, Instructors and cyber defense/ICT Industry professionals, who act as mentors to the students during the course of the exercise. Providing the students with insight, support, advice and guidance throughout the whole exercise. The exercise gives students a chance to flex their in-class learned skills a tense, competitive, supportive and fun environment.
Live Speaking Engagements from RedBlack Security Services:
- BSides TO:: Red vs Blue Ping Pong
- BSides ROC: Red vs Blue Ping Pong
- MaRS CISO Summit: Canadian Collegiate Cyber Exercise (C3X) goals, ideals and benefits
- Toronto Cyber Security Meetup: Intro to Threat Emulation
- George Brown College (Professional Advisory Committee) T401, T407
- TASK Toronto: Attacking Windows Infrastructures
- DEFCon 416: Offensive Tool Agnostics
- CERN Whitehat Challenge:
- Sheridan ISSessions:
- Threat Emulation Conception and Execution
- Failing Up
- Offensive PowerShell
- Rogue Team Organization, Tactics + Benefits
- Cyber Security and You: Basic Cyber Security Processes and Procedures for Non-Techs
Podcasts, Interviews and Blogs:
- Black Hills
- ISACA Montreal:
- CTV News Consumer Reports
- CTV National News: BMO and CIBC's Simplii warn fraudsters may have accessed clients' data
- ISOPodcast @InvokeThreatGuy
- First four interviewees lined up/recording in progress
- links to episodes will be posted shortly...first episode coming very soon!
- First four interviewees lined up/recording in progress
Engineers without Borders:
Social Change and Youth Leadership Conference