read on your own
-------------------------------
www.schneier.com
he has a great blog
------------------------------
Risks associated with
4Ps and 6Es
4Ps are things you can control
6Es are things you cannot control
d
------------------------------
Difference between
Regular Crime and
Cyber Crime
41 sec.
did Feb 8
-------------------------------
Risk and Threat for I.T.
Intro - fundamentals
did Feb 8
Vulnerability can exist in many forms
- pancake story
------------------------------------------
Asymetrical Cyber Security.
Asymmetrical Cyber Security
relationship to Guerilla Warfare
did Feb 8
did Feb 8
-------------------------------
Def'n of Risk
Types of Risk
Risk Description
Risk Classification
Risk Likelihood and Magnitude
-------------------------------
Impact of Risk
Level of Risk
Impact of Hazard Risk
Risk and Reward
-------------------------------
Types of attacks
did
Types of Cyber Security Threats - simple intro
student video 2014 Nov.
.
Types of Risk
o Hazard Risk
aka Pure Risk
o Control Risk
o Opportunity Risk
aka Speculative Risk
video discussing differences between
Speculative (Opportunity) Risk
and Pure (Hazard) Risk
f
--------------------------------
Development of Risk Management
Terms
f
Asset
Threat Agent
Vulnerability
Exposure
Countermeasure
R=TxVxC
Risk=Threat
x Vulnerability x Cost
did
Feb 15
--------------------------------
o Privacy
Issues
m
o Privacy
Issues-Social Media
o Privacy
Violations
o Identity
Theft
-
discussed credit card account takeover example
did
Feb 8
(the
ID theft page includes many interesting student videos
Mnemonic Passwords
did
Feb 15
------------------------------------
o Social
Engineering
did
Feb 8 and Feb 15
------------------------
o Email
filtering
did
o Patches
did
- Patches
video
did partly Feb 15
o Hacking and the Trojan
Horse
did Feb 15
o Hacking tools
did Feb 15
-----------------------------------
SOPs
Standard Operating Procedures
o Spyware
did
Feb 22
also
discussed difference between Spyware and Malware
--------------------------------
Competitor
Intelligence
did
Feb 15
-
Humint
-
Teckint
-
Osint
-
Geoint
discussed
difference between Information and Intelligence
did
Feb 15
videos
on SOURCES of COMPETITOR INTELLIGENCE
-
add comments,
-
agree
-
disagree
-
new suggestions of sources
.
a branded consumer product
noted,
make comments
.
a branded consumer service
noted,
make comments
.
an industrial product
noted,
make comments
.
an industrial service
noted,
make comments
----------------------------------
Arthur
Weiss
four
stages in monitoring competitors - the four "C"s
did
briefly Feb 15
1.
Collecting the info
2.
Convert info into intelligence
-
Collate and catalogue it,
-
Verify authenticity
-
Interpret it and Analyse it
3.
Communicating the intelligence.
-
to decision makers
4.
Countering any adverse competitor actions.
----------------------------------
o Competitor
Intelligence-Asia
did
Feb 22
----------------------------------
Risk
Management
Risk
Analysis
did
Feb 15
read
again on your own
di
AWB discussing Risk Analysis
-
what are you protecting
-
what is the threat
-
how much can you spend
-------------------------------
o Scams
updated
Feb 21
did
Feb 22
+ Do
Not Call Registry
+ 419
/ Nigeria scams
+ Facebook scams 2015
for
former TSC student Hasan
Shahzad re: scams
f
o DoS
Attacks
+ DDoS
attacks on DNS
-------------------------------
leverage
-
int'l finance risks
-
export finance risks
EDC
PEMD
f
HR
risks
Market
Risks
-
product and consumer risks
Reputational
(Branding) Risks
Special
Topics
----------------------------------
Financial
risk
intro
credit card fraud
needs
updating
Contingency
planning and Risk Analysis
for
Feb 22
o
Incident
Response Planning
o
Disasater
Recovery Planning
o
Business
Continuity Planning
Tolerate
Treat
Transfer
Terminate
-----------------------------------
Political Environment
ISO 31000 compliance
n
Political Risk
d
OECD
OECD Principles of corporate governance
----------------------------
Risk Management Strategy
Prevention
Detection
Response
1 min. 23 sec
Differences
in prevention, detection and response between crime and cybercrime?
-
watch and
make
comments
through
YouTube
Deterrence
Response
d
(Incident
response trends)
Schneier
schneier.com/news-185.html
relates
to vulnerabilities in cloud computing
Countermeasures
d
watch
video on Mnemonic passwords
mnemonics explained at 5:23
of the video
------------------------------------
Benefits to Managing Risk
Insurance
Bureau of Canada
ibc.ca/en/Business
_insurance
/risk_management/
---------------------------
o Encryption
o Viruses
.
WTGR comment (April 2014)
on Heartbleed virus and 900 SIN numbers stolen from CRA...on CTV
did
June 3rd
-
link down
also
www.ctvnews.ca/mobile
/video?clipId=322864
. . .
. . . . . . .
.
o Firewalls
o Honey
Pots
--------------------------------------
Domain Names
o domain scams
d
o domain phishing
did
Feb 22
o domain hacking
did
o domain Verisign
issues
relates
to fake renewal notices.
.
Domain Name Phishing and
Spear Phishing explained in a video
2 min 10 sec
d
.
Video 6 hacking
--------------------------------
Competition
o
Who is Competition
(
o
Types
of competition
(
Internal Risk & Threats
did Feb 22
existing employees
former employees
3rd party/outsourced employees
Third
Party Risks
Outsourcing
Risks
did
Feb 22
-------------------------
How
To Do Presentations
(read
thoroughly on your own)
included video tips
general tips and help
witiger.com/tips.htm
---------------
-----------------------
What does it mean when you
have to analyze something
- watch this video for tips
| Security Strategies
o Encryption fo Social
Media Analysis and the encrption challenge
o Viruses
Social
media messaging is getting around traditional firewalls
Responding
|
Feb 15
Feb 22
