Plenary
Plenary | |
---|---|
08:30 – 09:00 | Registration |
09:00 – 09:15 | Welcome Paul Raines, UNDP |
09:15 – 10:00 | |
10:00 – 10:30 | FIRST Initiatives Katherine Gagnon, FIRST Board of Directors |
10:30 – 11:00 | Networking Break |
11:00 – 11:30 | The APTs within: How you should (not) handle an APT actor in your network Alexey Kuzmenko, UNDP |
11:30 – 12:00 | AfricaCERT Update Marcus Adomey, AfricaCERT |
12:00 – 13:30 | Lunch Break |
13:30 – 14:15 | Building a Trust Community Among Disparate Constituency Katherine Gagnon (United Nations, US) |
14:15 – 14:45 | César A. Quan, UNDP |
14:45 – 15:15 | Networking Break |
15:15 – 16:00 | CERT Update |
16:00 – 16:30 | Top CISO Challenges and How to Manage Them Christoph Sprongl (Austria) |
16:30 – 17:00 | Closing Remarks Paul Raines, UNDP |
Regardless of the sophisticated cyber threats that evolve, an organization’s weakest link continues to exist between the keyboard and the chair – the human component. We will review the basics of establishing a security awareness program, and explore how using a structured, strategic, and measured approach can increase the level of awareness and decrease the level of risk that end-users pose to an institution.
September 26, 2016 09:15-10:00
Katherine Gagnon (United Nations, US)
Katherine Gagnon has been working in IT for over 22 years, with 19 focused directly on information security after she graduated from Johns Hopkins University with a bachelor's degree in Computer Science. She has worked as a consultant performing pen testing, architecture design and review, infrastructure deployment, and more. In addition to 3 years as the program manager for information security at Discovery Communications, Katherine spent substantial time in the public sector, having worked for years between USAID and the US Department of State before entering the realm of international organizations, where she currently serves as an Information Security Officer with the World Bank Group, though on assignment to the United Nations as the lead for Common Secure, an information-sharing service for UN family organizations. Her expertise after 5.5 years at the World Bank running endpoint engineering followed by cyber threat intelligence teams made her uniquely qualified to build a program at the UN.
Historically the organizations of the United Nations Common System did not have a meaningful way to communicate cyber security information amongst themselves, nor has there been a presence in the greater infosec sharing communities. Starting in September 2015, there has been a concerted effort to address both problems.
The United Nations International Computing Centre, under directive of the UN Secretary General and mandate by a steering committee comprised of United Nations CISOs, has taken on the initiative to invest in and build a program dubbed "Common Secure", to which all UN and UN "Family" organizations may subscribe (similar to an ISAC). However, the difference between a traditional ISAC and Common Secure is that an ISAC is more focused on a vertical market, which typically means similar threat actors and some shared threat landscape. In contrast, within the UN the "market" is more horizontal, in that the breadth of constituents runs the gamut from world critical infrastructure concerns (IAEA, WHO, OPCW) to more humanitarian efforts (UNICEF, UNESCO).
This presentation will discuss the genesis of Common Secure, including how we've socialized the solution, challenges faced, partnerships, and more.
September 26, 2016 13:30-14:15
César A. Quan, UNDP
The journey from "Technical Provider" to "Strategic Partner": UNDP challenges supporting Human Rights Development, and Resilient Nations through better and secure ICT services.
In 2015, in the middle of a very tense political and popular environment, a Developing Nation faced the challenge of guaranteeing a transparent and efficient democratic electoral process with an ICT infrastructure that was limited and insecure in all of its aspects. Many political analysts, the press, the International Community, and the government itself feared social conflict, perhaps even violent, if a rumor of electoral fraud was spread.
The National Electoral Authority was threatened publicly by cybercriminals, who successfully brought down the entire ICT infrastructure several times. UNDP was contacted by the government, and an interdisciplinary team was formed, including an ICT Consulting Team, to support the local electoral team.
After two weeks of intense work, the National Electoral Authority was able to publish the first preliminary results just four hours after the close of the electoral process, and stay online providing information until the final results were reached. Social conflict did not happen, and the democratic electoral process gave the country a new Democratic Government.
September 26, 2016 14:15-14:45
Alexey Kuzmenko, UNDP
The talk presents a case study of an incident involving an Advanced Persistent Threat (APT) actor as it unfolds inside the organization's network. The presentation includes technical details on the detection, incident triage and scoping, evidence discovery and analysis, containment and eradication actions, as well as attribution. It also discusses the APT actor's tactics, techniques and protocols specific to the incident, as well as possible generic pitfalls in handling APTs. The study shares lessons learned as a result of this incident for the benefit of other CSIRTs, allowing more efficient handling of similar cases.
September 26, 2016 11:00-11:30