Our very first code:RED – InfoSec Briefing was an incredible success. A big thank you to all who contributed towards this.
After weeks of preparation, coding, hacking and many late nights, we pulled off one of our best roadshows yet.
The idea behind the roadshow was simple, we wanted to raise awareness to the very important topic of information security by showcasing how real-world attacks occur on a daily basis.
We had a great team of industry experts that took time out of their busy schedules to educate us on what measures we can take to be more secure.
GTconsult co-founder and CEO, Bradley Geldenhuys, gave a very informative session on the importance of creating a security culture within a business.
We have found that more often than not, it is not a disgruntled employee that is opening up your business to hackers. It is the hardworking, dedicated employee who is always willing to help that may click a link or insert a USB drive into their computer in the effort to help the business.
So, what if an employee has compromised their computer? What would be the correct way to respond in this instance? Do you bite their head off for doing something that could be disastrous, or do you have a plan in place to quarantine the infected computer?
A security culture is something that should be second-nature to your employees. All of these plans, processes and measures can be entrenched within your security culture.
The power of Red, Blue and Purple
Scott McCann, Technical Account Manager at GTconsult, showed us how Red, Blue and Purple Teams play a vital part in protecting your business.
To make it simple; the Blue Team defends, the Red Team attacks and Purple Teams make sure the Red and Blue Teams work in harmony together.
The Blue Team should be an internal team that believes they are safe and secure without anyone telling them otherwise. The Red Team should be an external team only concerned with getting access to your system; and the Purple Teams should be the guys that have the business in mind and make sure that red and blue teams play well together.
One of the most insightful sessions was the session explaining what attackers are after. This was an in-depth session explaining the different types of hackers, what they are after, why they hack and how they attack.
This was a really eye opener and explained that there are only really three types of hackers; Black Hats, White Hats and Grey Hats.
Black Hats are the truly bad guys and they will always be a threat. White Hats are the angels of the bunch. They will let you know that your system is vulnerable and try to help you fix it…for a price of course. And whatever you do, don’t argue with them on Twitter.
Grey Hats are bipolar; they are the guys that do what they want depending on their mood in the moment. If they’re having a good day and they have access to your system, they’ll probably let you know and be on their way. But if they’re having a bad day, you will have a bad day. To wrap it up, they all want access to you, your files, your systems, your databases and they all want complete control of your systems.
An age-old question
Our final session posed the age-old question; can hardware and software protect you?
As you would imagine, the answer is a big, fat, juicy no. Geldenhuys showed off some interesting tech that demonstrated how easy it is to get access to a machine in under 10 seconds. We also had our Password Wall of Shame that showed all the breached passwords of the attendees at the event.
Jacques van Zijl from Microsoft joined us during this session and showcased the awesome new Advanced Threat Protection that Microsoft has released. Van Zijl and Geldenhuys had a hack-off with Geldenhuys attacking a computer and Van Zijl defending the same computer.
We would also like to give a huge thank you and shout of the Christo Goosen and Susi du Preez for joining us in Cape Town and sharing their expert knowledge in this space.
With the all the excitement going on, we also had some special prizes to give to our attendees such as some GTconsult and code:RED swag, Smart Locks and the grand prize, a Ring Video Doorbell system.
This is just the start of code:RED and we will definitely be having more roadshows in the near future.
If you would like us to come to your company and showcase our skills and service, contact us and we will set up a date that is convenient for you.
Here is the link to download the presentations.