Let's focus on Human Firewall as we focus on Application or Network Firewall because Human/Awareness is the First Step in Mitigating security risks.

1. ‫التقنية‬ ‫جودة‬ ‫منتدى‬
‫السبت‬18‫رجب‬1437‫هـ‬/Saturday, 15 April 2017
Fadi Ahmad Abdulwahab
Fabdulwahab@outlook.com
Development Manager @ SURE
www.sure.com.sa
Quality in Cyber Security Awareness
Technology Quality Forum
Source: https://goo.gl/q0iDBc Source: https://goo.gl/gsTnPa

2. What is Cyber Security? – All are Related
Information Security
(Data)
Computer Security Network Security
Software Security
IT Security
(Process)
Human Security

3. But What is it?
• Saving my accounts in banksConfidentiality
• No changes in my accountsIntegrity
• Accessing my accountsAvailability

4. Security is not only Software or Hardware
Governments need to
keep their countries
secure
Financial institutions
need to secure our
transactions
Organizations need to
secure their intellectual
property
Businesses need to
secure their customers’
information
Hospitals need to secure
human lives

5. Why Cyber Security?
 Security is getting worse
 3B users, 1B websites and 9B connected devices
 Nothing is 100 % Secure

6. Financial vs. Reputation
By 2017, the Global Cyber
Security Market is expected
to skyrocket to $120.1 billion
from $64.7 billion in 2011
The Estimated Annual Cost of
Global Cybercrime is $375 Billion
Source: http://www.marketsandmarkets.com/Market-Reports/cyber-security-market-505.html?gclid=CKza6bOmo9MCFQu3Gwod5AMBtg

7. Shamoon & Ransomware virus

8. Shamoon & Ransomware virus

9. Wearepartoftheproblem

10. Wearepartoftheproblem

11. We are part of the problem - Rubber Ducky USB

12. We are part of the problem - Wifi Pineapple

13. Some Companies Lie - Marketing
 100% Secure or Hack Proof
 All software has bugs

14. Some Companies Lie - Reputation

15. Some Companies Lie - Reputation

16. Who is Right? - Policies
The only secure password is the one you
can’t remember

17. Ask Wrong Questions?

18. Ask Wrong Questions?

19. The Attacks Will Continue
Sources: https://www.owasp.org/index.php/Category:OWASP_Top_Ten_Project

20. HTTPs ≠ HTTPs (with Quality)

21. HTTPs ≠ HTTPs (with Quality)

22. Pen Testing - False Positive/True Negative

23. People’s Role in Cyber Security
People make the hardware and software
People write the code that is insecure
People manage the tools that stop attacks
People categorize, prioritize and directly impact outcomes
People set the rules and try to follow them

24. Quality in Cyber Security Awareness
ftware Security
• Software developers are the first and best line of defense
for the security of their code
Human Security
• Awareness is the First Step in Mitigating security risks
• Education with practice
• Trust but verify
All Types
of Security
• It's everyone's responsibility
• Technology, Process and Human

25. National Transformation Program 2020
Cost cutting
Use resources correctly
Reduce risks

26. Maximize Your Quality – Before Go Live
 https://beforegolive.com
 For IT community and environments
 Best practices and recommendations
 OWASP Top 10, CIS benchmark

27. Thank you for Attending
 Fadi Ahmad Abdulwahab
 Specialist in (Web Security – Performance - High Availability – Cloud )
 Author for
 Maximizing SharePoint Security whitepaper
 Maximizing SharePoint Availability whitepaper
 Blog https://fabdulwahab.com
 Twitter @fadi_Abdulwahab
 fabdulwahab@outlook.com