Cyber-Security Webinars

Produced in association with Cyber-Security: A Peer-Reviewed Journal, this brand new, educational webinar series has been designed to brief the information security community on the issues that matter. The key issues and themes to be examined in this series include: 

  • Protection Information Assets & Technology 
  • Information Security Policies & Processes
  • Information Security Standards & Controls 
  • Information Compliance 
  • Security Technologies
  • Information Risk Management 

 

How can we regulate cyber-security for critical energy infrastructure?

Thursday 7th November 2019

Tom Alrich

Across the world, attention to cybersecurity threats to critical energy infrastructure (CEI), including electric power, natural gas and petroleum pipelines, oil refineries and petrochemical plants, is growing rapidly. This is especially true as these have become the targets of geopolitical warfare threats (and actual attacks).

Because of perceived cybersecurity deficiencies on the part of CEI owners, some governments are considering (or even implementing) regulations on owners and operators of CEI. What lessons can be learned from the North American experience with the NERC CIP standards for cybersecurity of the electric power grid?

In the US and Canada, infrastructure of the electric power industry has been subject to the mandatory NERC CIP (North American Electric Reliability Corporation – Critical Infrastructure Protection) standards for ten years. What lessons can be drawn from that experience, on how to establish an efficient, effective and future-proof cybersecurity standards regime for CEI?

About the speaker: 

Tom Alrich is a well-known consultant on compliance with the North American Electric Reliability Corporation — Critical Infrastructure Protection (NERC CIP) cyber security standards for the North American electric power grid.

Tom writes a blog (available at http://tomalrichblog.blogspot.com/) on new developments in the CIP standards, which gets a lot of attention from the power industry and from the regulators. He is currently writing a book on problems with the NERC CIP standards and how they can be solved.

Tom has previously consulted on NERC CIP for Deloitte and Honeywell. He has a degree in economics from the University of Chicago.

Understanding the "Human Factor" in Cyber-Attacks

Wednesday 11th December 2019

Chris Kayser

The “Human Factor” – how human nature and human curiosity dominate how we act when accessing technology, often determines whether or not we will be victimized by a socially engineered cyberattack.

By raising awareness about how to determine the legitimacy of electronic communications, being able to recognize when we are being socially engineered, and mistakes we make in responding to trickery used by cybercriminals incorporating social engineering, rates of cyber-victimization can be effectively reduced.

Referencing his new theory RESCAT (Required Elements of a Social Engineered Cyber Attack Theory), Chris Kayser will explain how our decision processes when exposed to a socially engineered cyberattack, based on human nature and curiosity, can determine whether or not we will become a cybervictim.

About the speaker: 

Chris Kayser is the Founder, President and CEO of Cybercrime Analytics Inc., a Calgary-based cybercrime consulting and research company. His 25+ years in the computer field, 15 years in the financial services industry, plus research and work in cybercrime investigation and cybersecurity continue to make him a sought after consultant, researcher and presenter.

Observing how cybercriminals were utilizing advanced computer technology to attack individuals, organizations, and governments, Chris commenced an intensive study program to address these issues. He earned a Master of Criminal Justice with a Subconcentration in Cybercrime Investigation and Cybersecurity, a Graduate Certificate in Cybercrime Investigation and Cybersecurity from Boston University and became a member of the Honors Society of Criminal Justice – Alpha Phi Sigma.

He is an active member of CATA Alliance, CATA's eCrime Cyber Council, the Academy of Criminal Justice Sciences (ACJS), American Society of Criminology (ASC), SERENE-RISC, and ISACA (Information Systems Audit and Control Association) and holds a Chartered Market Technician certification from the Market Technicians Association.

Chris has co-authored two research papers in the field of cybercriminology, and has recently introduced a new theory - RESCAT (Required Elements of a Social Engineered Cyber Attack Theory), explaining the importance of social engineering as it relates to cybercrime. He is also the author of “How to Master an Online Degree – A Guide to Success” that is recommended reading for a number of university-level courses.