為提供您更佳的服務,本網站使用 Cookies。當您使用本網站,即表示您同意 Cookies 技術支援。更多資訊請參閱隱私權聲明確定

bg-inner
09/20 14:45 - 16:45

InfoSec Card Game Play Test

Experience a highly interactive cybersecurity card game! Players not only have fun but also learn the basic concepts of the Cyber Defense Matrix (CDM) security model. By abstractly simulating real-world security incidents, players learn common attacker techniques, the effectiveness of current defensive techniques, and how to use CDM concepts to build an effective and efficient defense—on a budget!


This course is divided into three parts: lecture, discussion, and game! 


First, we will introduce the importance and usefulness of security models used by researchers and analysts, such as CDM, NIST CSF, and Mitre ATT&CK. We will then compare the security models and explain how researchers and analysts use these models to break down cyberattacks into individual techniques and their intended uses, stretching from initial access to data exfiltration and impact. Attendees will learn how cybersecurity analysts map out—and eventually predict—attack behavior and how to use CDM with various information security frameworks to formulate effective security strategies and fill gaps. Most importantly, attendees will be able to immediately use this knowledge in our new highly interactive card game that leverages CDM concepts in a fun, educational, and approachable way highlighting the importance of cybersecurity. 

LOCATION Taipei Nangang Exhibition Center, Hall 2 4F 4D
Session Goal

In the introduction and discussion of this course, attendees learn about defense logic and information security strategies by understanding how to use security frameworks and models to breakdown cyberattacks into individual attack techniques, how they chain off each other, how to recognize attacker behavior, and how to leverage this knowledge to build effective and effecient defense strategies as well as the modern defense solutions that keep enterprises today secure.

Session Summary

1. Introduction to infosec models and frameworks (CDM, NIST CSF, ATT&CK)

2. How to use CDM to analyze attack methods

3. Introduction to information security defense methods

4. Combination of CDM and defensive methods/infosec management

5. CDM themed inforsec card game competition

Device Requirement You Should Prepared for

None. No equipment is needed for this course. However, it is recommended to bring a device capable of performing data inquiry and web browsing, such as a smart phone, tablet, or laptop.

Skills Requirement You Should Have

None. This course is target towards individuals with IT or InfoSec work experience but with little understanding of attack method terminology; however, all are welcome.

Limit on the Number of Attendee
20

SPEAKER

Dange Lin

CyCraft Cyber Security Researcher

Dange Lin is a cybersecurity researcher at CyCraft Technology and focuses on automotive security, cloud security, machine learning, and threat intelligence analysis. He is currently responsible for cybersecurity for MIH Working Groups. He has delivered speeches at various seminars including HITCON, MOPCON, and CYBERSEC.


Gary Sun

CyCraft Cyber Security Researcher

Gary Sun is a cybersecurity researcher at CyCraft Technology and is currently focused on ETW security and .NET malware analysis. He graduated from the Institute of Network Engineering at National Yang Ming Chiao Tung University and has published papers at the Cryptology and Information Security Conference (CISC).