Chris and Michael will be presenting at the 24th International Computer Security Symposium & 9th SABSA World Congress, which will be held in Ireland between the 1 – 5 October 2016.
The following provides a synopsis of their sessions, visit the COSAC website here for more information and the full conference schedule.
2S Using SABSA to Architect Zero Trust Networks
In 2014, Google threw away its traditional approach to securing its services and reimagined what security should look like to be truly effective in today’s world of distributed teams, systems, and applications.
They developed BeyondCorp, a perimeterless architecture that does away with the idea of trusted networks and treats all applications as if they are Internet connected, thereby creating an environment that is zero-trust by default. Every request is authenticated and authorised in real-time based on a set of dynamic conditions that considers changes in user status and device state.
This interactive session will explore how to apply SABSA to architect a zero-trust network through the layers of the SABSA matrix. This will be supported by a sanitised case study to highlight and discuss the real-world challenges and how they were overcome when architecting a zero-trust network for a New Zealand organisation.
3S Architecting a Modern Authentication Service in the Cloud
Every organisation needs to appropriately authenticate users before granting them access to resources. It should be reasonably straightforward for any organisation to architect, design, implement and manage an Authentication Service but it appears that this couldn’t be further from the truth.
We often hear of organisations struggling with some pretty common issues; implementing and enforcing strong passwords, implementing ‘same sign-on’ solutions rather than a true ‘single sign-on’, and ensuring that user accounts are removed when the user no longer require access.
But we live in a modern world, and there are new and emerging services, methods, and technologies that make user authentication more effective and easier to manage than ever before. Identity Federation, access tokens, and universal authentication (U2F/UAF) are just some of the technologies that have the potential to create an effective and efficient authentication service that makes life easier for the end-user, while ensuring that an organisations resources are securely accessed.
This session will provide an overview of how SABSA was used to architect and design a modern Authentication Service for an organisation adopting cloud services. It will present a sanitised case study and will show how SABSA was applied to deliver a service based on popular cloud services platform.
6S How to Write a Great SABSA Advanced Exam Answer
Chris Blunt & Michael Price
Are you planning to sit a SABSA Advanced course? Or have you recently attended a course but haven’t yet written and submitted your exam answers? Then this is a session you can’t afford to miss!
During this interactive session we will explore and discuss a range of strategies for writing a great SABSA Advanced exam answer using model exam questions to show how to:
- evaluate the question to ensure you know what is being asked of you;
- use a hypothetical or real-world case study to frame your answer;
- plan and structure your answer to ensure that you cover each area of the question;
- assess the competency verbs in the question to ensure that you understand them and can meet them; and
- effectively present the application of your chosen combination of SABSA methodologies, techniques and approaches.
The presenters have scored between 91% and 100% in their Advanced exams, with the average being 96.25% between them. One of them is a SABSA Chartered Architect Master (SCM) and a marker of Advanced exam papers.
The goal of the session is to provide the participants with a set of tools they can use to write great answers for their SABSA Advanced exams!
W2 COSACclue: A Surprisingly Serious Approach to Incident Response
Chris Blunt & Lisa Lorenzin
Last year we explored how security practitioners can find a new way of looking at enterprise security by learning the way a child does – through play. We found that by updating a popular board game to create COSACopoloy, lifelong security practitioners discussed common information security issues and freely shared and learned from each other’s experiences whilst having fun!
This year we build on this to explore how play can help security practitioners explore incident detection and response. Again, we will update a popular childhood game to provide a new lens for examining evidence and common issues in incident response. Players will collect clues and examine evidence to try and determine “who” (which threat actor), “how” (exploited what vulnerability), to do “what” (gain advantage).
We will also be running a couple of games of COSACopoly for those that missed out on the opportunity to play it last year. Players start with money and data, and must spend that money acquiring “properties” (security services) to protect their data from “chance” (random risks and opportunities).
We learn best from each other, and from the chance to go off-script and see where inspiration takes us. COSACclue, like COSACopoly, will spark conversations, demand tough decisions, and offer a free-form venue for exploring a variety of approaches to today’s information security challenges.