I had a great opportunity to visit another useful seminar on the topic of cybersecurity. This time I visited Central Bank of the Republic of Turkey during 16-20 October 2018 in Istanbul.
The same as the previous seminar, I had the first full day with no scheduled events. Istanbul is an extremely huge city with lots of places to see and to visit, but due to lack of time, I was able to visit only the most popular places. For me, it was a new experience and opportunity to get something new from Arabic culture.
The first day of the seminar (17th of October) was mostly related networking between speakers and participants. We shared the best practices of IT security infrastructure and case studies. Also, we went through the basics of Monitoring technologies (SIEM, UEBA, NFT, EDR, Cyber Deception) and covered module about People & Processes. So, basically, the first day gave us a basic understanding of what we will cover during this 4 days of training.
The second day of the seminar (18th of October) was 70% about Splunk and about 30% user and entity behavior analysis. Splunk is a good solution for enterprise security (also it has a free version with limited functionality for small and middle business). With this software, you are able to make risk-based analytics to align security operations with the business, visualize and discover relationships for faster detection and investigation, and enrich security analysis with threat intelligence.
The third and fourth days (19-20th of October) were all about practical use of Cyber Security methodology and threat and vulnerability management. During those days we covered: network security taxonomy, vulnerability scanning tools, policy, scan, reporting and went through vulnerability details.
Another useful topic that was studied briefly was mail server scanning and alert triggers setting both for internal and external recipients.
Based on IT of IMB experience 91% of all attacks are based on phishing emails, so it is really important to support organization internal awareness and create at least basic seminars for employees to reduce potential risks.