Our monthly newsletter
Presentations, articles, papers
1. Interview for the TAZ Newspaper (In German): Jeder hat eine Schwachstelle. Betrüger bauen Vertrauen auf, um an Daten oder Geld zu kommen. Welche Tricks sie dafür nutzen, erklärt Sicherheitstrainerin Christina Lekati.
https://taz.de/Sicherheitsexpertin-ueber-Social-Engineering/!5711020/
2. SANS Summit Talk for the Open Source Intelligence Summit (Washington DC): “Judging By The Cover - Profiling Through Social Media”. The talk demonstrates how attackers gather information on their targets through social media and utilize them to manipulate and victimize them – ultimately leading to a security breach. If you have a SANS account you may find the slides of the presentation by visiting:
https://www.sans.org/cyber-security-summit/archives
Alternatively, you may visit: (link where we have uploaded the slides)
3. Interview for Golem.de (In German): Social Engineering: Die unterschätzte Gefahr. Die größten Schwachstellen in technischen Systemen sind bis heute Menschen. Social Engineers machen sich ihre Sorglosigkeit zunutze - und finden auf sozialen Netzwerken alles, was sie für einen erfolgreichen Angriff brauchen.
https://www.golem.de/news/social-engineering-die-unterschaetzte-gefahr-1908-142812.html
4.Interview for the Dot Magazine: “Creating a “Human Firewall” for IT Security”. Psychologist and social engineer Christina Lekati from Cyber Risk GmbH explains the psychological basis of phishing and how to arm staff with effective defenses.
https://www.dotmagazine.online/issues/securing-the-future/human-firewall-for-it-security
5. Interview for the ECO Association- Europe’s Largest Internet Association (In German): Social Engineering: Mitarbeiter stärker für IT-Security sensibilisieren. Mitarbeiter müssen lernen, wie sie auf diese Anfragen in einer angemessenen Weise reagieren können. Dies geschieht durch intensive Schulung. Sie müssen verstehen, dass das Thema: Sicherheit geteilte Verantwortung bedeutet und, dass sie eben einen Teil dieser Verantwortung mittragen.
https://www.eco.de/news/social-engineering-unwissenheit-am-meisten-ausgenutzt/
6. Conference Presentation at Hacktivity: "Social Engineering Through Social Media". The talk demonstrates how attackers gather information on their targets through social media and utilize them to manipulate and victimize them – ultimately leading to a security breach. https://www.youtube.com/watch?v=D8Z69AsSFn0&t=577s
7. Conference Presentation at ElBsides Hamburg: "When Your Biggest Threat is on Your Payroll – Drivers and Enablers of Insider Threat Activities". The talk discusses the organizational factors enabling insider threat operations and countermeasures against them, by combining the lessons learned on insider activity prevention from the fields of counterintelligence, psychology, and cyber-security.
https://www.youtube.com/watch?v=5ovY0YlLZNU&t=2208s
8. The National strategy for the protection of Switzerland against cyber risks (NCS) for 2018 to 2022, adopted by the Federal Council on 18 April 2018: https://www.isb.admin.ch/isb/en/home/ikt-vorgaben/strategien-teilstrategien/sn002-nationale_strategie_schutz_schweiz_cyber-risiken_ncs.html
9a. Switzerland’s Security 2018 - Situation Report 2018 of the Federal Intelligence Service (FIS): https://www.newsd.admin.ch/newsd/message/attachments/52216.pdf
9b.Switzerland’s Security 2019 - Situation Report 2018 of the Federal Intelligence Service (FIS): https://www.newsd.admin.ch/newsd/message/attachments/57076.pdf
10a. Bundesamt für Verfassungsschutz (BfV), Electronic Attacks with an Intelligence Background: http://www.verfassungsschutz.bayern.de/mam/spionageabwehr/content/publication-2014-07-electronic-attacks.pdf
10b. Bundesamt für Verfassungsschutz (BfV), Cyber attacks controlled by intelligence services: https://www.verfassungsschutz.de/embed/publication-2018-05-cyber-attacks-controlled-by-intelligence-services.pdf
11. Hybrid CoE, The European Centre of Excellence for Countering Hybrid Threats:
https://www.hybridcoe.fi/publication-tags/strategic-analysis/
12. MELANI, Content for Entreprises:
https://www.melani.admin.ch/melani/en/home/unternehmen.html
13. Swiss Governmental Computer Emergency Response Team (GovCERT):
https://www.govcert.admin.ch
14. FIRST, Forum of Incident Response and Security Teams:
http://www.first.org/members/teams/govcert-ch
15. Latest News, from the Federal Data Protection and Information Commissioner:
https://www.edoeb.admin.ch/edoeb/en/home/latest-news/aktuell_news.html
16. Our Catalog - Instructor-led training in Switzerland, Liechtenstein and Germany: https://www.cyber-risk-gmbh.com/Cyber_Risk_GmbH_Catalog_2020.pdf
Cyber security is ofter boring for employees. We can make it exciting.