Tag: association | Page 3

AIG, Geneva Association, IFTRIP and more highlight the sensitive subject of cyber incidents attribut

May 5, 2021/in Internet Security

Read more: Cyberattacks by nation states evolving to become more aggressive

Christian Wells, special counsel, Pool Re and secretariat, IFTRIP, highlighted that, while government involvement undoubtedly helps with attribution in the sense of providing an answer, it doesn’t necessarily provide a wholly accurate answer, even where there is an agreed process. A lot of national pools around the world don’t actually have formal processes, he said, they merely have contact with their governments.

“In the case of Pool Re,” he said, “we have a formal process for the certification of an event but it’s a bit like a black box – we submit a request for certification to the government who will then issue a certification that something is or isn’t, in the case of Pool Re, an act of terrorism. So, there may be a number of factors at play on whether a government certifies something as terrorism or as hostile cyber activity or otherwise. It’s an easier approach, not necessarily a failsafe one.”

Offering his perspective, Chuck Jainchill, cyber product development leader at AIG noted that the best-case scenario is having some form of governmental or international way of certifying or determining attribution. But, as with all things relating to insurance policies, he said, attribution may have to be determined legally in court. And the standard in the US, and most places, for civil litigation hinges on factors such as a preponderance of the evidence.

Even though a state may not be willing to take the position that an adversary or a friend was the perpetrator of an event, he said, the court has the standard of expert testimony and a variety of sources. Public-private partnerships and government buy-in is the ideal – but in the absence of that, the insurance industry must establish how to determine where these events fall on the spectrum.

Offering a non-insurance view Kaja Ciglic, senior director for digital diplomacy at Microsoft, who has previously been involved with governments on this subject, stated that public attribution tends to be a political process. When governments call out other governments for malicious…

Source…

[Webinar] Risky Business – Protecting Your Data From Hackers? – April 21st, 11:30 am – 1:00 pm CDT | Association of Certified E-Discovery Specialists (ACEDS)

April 12, 2021/in Computer Security

Paul Price

Paul Price
Vice President, Forensic Services
Xact Data Discovery

Paul Price is the Vice President, Forensic Services at Xact Data Discovery, where he manages the firm’s technical operations in areas of digital forensics and cyber security. In addition to supervising forensic examiners, he maintains an active case load and conduct digital forensic investigations for civil litigation, criminal matters, internal investigations, and cyber security efforts.

Prior to entering the private sector as a consultant, Mr. Price gained invaluable experience and training as a law enforcement officer, where he received certification as a Computer Forensic Examiner. Over the course of his career, Mr. Price has conducted, assisted, or supervised over 1000 forensic exams for local, state, and federal law enforcement agencies as well as law firms, corporations, and private individuals. His law enforcement background includes specialized assignments in Financial Crimes Investigation, Crime Scene, Computer Forensics, and Counterterrorism. Paul spent the last five years of his law enforcement career on assignment with the FBI working National Security matters and held a TS/SCI security clearance.

Mr. Price has worked on several high-profile engagements around the globe including cases dealing with Intellectual Properties, Trade Secrets, Bankruptcy, Embezzlement, Fraud, Commercial Litigation, Family Law, and Criminal matters. His work requires him to identify, preserve, analyze, and document electronically stored information (ESI) from computers, servers, mobile devices, VOIP systems, and many other sources of ESI for the purposes of evidentiary or root cause analysis. Mr. Price has been recognized and testified as a forensic expert in legal proceedings pending in both State and Federal courts.

Source…

CyCraft Japan joins the Nippon CSIRT Association

November 3, 2020/in Computer Security

TOKYO, Nov. 3, 2020 /PRNewswire/ — CyCraft Technology, the fastest-growing cybersecurity firm in Asia, today announced that CyCraft JP has officially joined the Nippon CSIRT Association (NCA).

CSIRT (Computer Security Incident Response Team, Computer Security Incident Response Team) refers to a team of security analysts that not only deal with and respond to cybersecurity incidents, collect and analyze incident-related vulnerability intelligence, attack tactics, techniques, and procedures (TTP) but also formulate playbooks and carry out responses to security incidents.

In recent years, Japanese organizations have begun building and developing their own internal CSIRTs; however, cyberattacks in the 21st century are becoming more and more sophisticated and frequent, making it more and more difficult for one CSIRT to handle individually. Nippon CSIRT Association (NCA) was established to unify the intelligence, resources, and capability of multiple CSIRTs so that one CSIRT leveraging the intelligence, resources, and capability of other CSIRTs could overcome security incidents and increase Japan’s overall cyber resilience.

NCA is not the first CSIRT organization CyCtaft has joined. Earlier this year, CyCraft Taiwan joined the international CSIRT organization, FIRST (Forum of Incident Response and Security Teams). CyCraft Technology is not just committed to raising the resilience of global organizations but also committed to demonstrating trustworthiness, professionalism, and accurate and actionable threat intelligence, specifically in the APAC market.

About Nippon CSIRT Association

NCA was founded in 2007 with the primary goal of fostering cooperation, intelligence sharing, and strengthening trustworthy relations between CSIRTs in Japan to better facilitate prompt, intelligence-driven responses. NCA provides a secure forum for members to cooperate with each other and solve common problems collectively. NCA CSIRT team, from various organizations across multiple industries and fields, gather regularly at NSA conferences to discuss relevant and current threats and trends, observed attack behavior, attack and defensive playbook modifications, and more.

For more…

Source…

The Geneva Association on the role of collaboration across cyber insurers – Insurance Business

March 17, 2020/in Internet Security

The Geneva Association on the role of collaboration across cyber insurers Insurance Business
“cyber warfare news” – read more

Tag Archive for: association