Mitigate against failures & incidents
Risk management
Protection of information systems
Protection of data
Protection of service
Unauthorised access, harm or misuse
Damage of information
Failure of device
Failure of service
Failure of network
The Presence of vulnerabilities
Nature of threat
Effectiveness of security processes
Fail-safe defaults
Complete mediation
Separation of privilege
Least privilege
Least common mechanism
Work factor
Compromise recording
Economy of mechanism
Clear abstraction
Modularity & layering
Partially ordered
Secure evolvability
Safety-critical systems domain
Past decisions about a system
Swiss cheese model
Harmful effect of design choices
Large-scale connected systems
Function creep
Attacker economics
Microeconomic theory
Economics of deviant security
Systems lifecycle
Secure software lifecycle
Security throughout the lifecycle
Principal
Subject
Object
Identity based access control
Attribute based access control
Access rights
Access control matrix
Access Control list
Discretionary access controls (DAC)
Lattices
SELinux
Multi-level security policies
Flat RBAC
Hierarchical RBAC
Constrained RBAC
Symmetric RBAC
Java security model
.Net architecture
Permissions
Tamper resistance
Attestation
Superdistribution
FIDO UAF
XACML 3.0
Attribute-based access control (ABAC)
Policy administration points
Policy decision points
Policy information points
Policy enforcement points
Online certificate status protocol (OCSP)
Trusted computing base (TCB)
Authorisation
Execution monitors
In-line reference monitors
Rule combining algorithms
Biba
Clark-Wilson
Harrison, Ruzzo & Ullman model
Enforceable policies
Access control logics
*-Property
Polyinstantiation
Certificate
Credential
Token
Sender policy framework (SPF)
Cross-site scripting
Cross-site resource sharing
Key-policy attribute-based encryption
Ciphertext-policy attribute-based encryption
SPKI/SDSI
Constrained delegation
Federated access control
Privacy by design
Risk-based authentication
Authentication tokens
Behavioural authentication
Two-factor authentication (2FA)
Recommendations
Liveness detection
Border control gates
Failure to capture
False rejects
False accepts
Spoofing
Needham-Schroeder protocol
SAML
OAuth 2
Ticket granting server
Patterns for entity authentication
Authentication vs verified association
Authentication for credit or responsibility
Weak agreement
Non-injective agreement
Agreement
Aliveness
Audit policies
Analysing the evidence
Assessing the evidence
Write-once, read-many
Hash-chain
Certificate transparency
Private subdomains
Blockchains
AES
RSA
DES
PKCS
DSA
Kerberos
TLS
Stream ciphers
Feistel networks
Merkle-Damgård construction
Sponge constructions
Message authentication codes
Extendable output function
Key Derivation functions
ECB
CBC
OFB
CFB
CTR
AEAD
Key encapsulation mechanisms
Data encryption mechanisms
lattice-based constructions
RSA-OAEP
RSA-KEM
ECIES
Full domain hash
Probabilistic signature schemes
Schnorr signatures
Simulation of cryptographic operations
Universal composability
One-way
Passive attack
Indistinguishability
Chosen plaintext attacks
Chosen ciphertext attack
Universal forgery
Chosen message attack
Random oracle model
Pseudo-random functions
Pseudo-random permutations
Discrete logarithm problem
Diffie-Hellman problem
Post-quantum cryptography
PKI
Common reference strings
Good random number generation
One-time pad
Secret sharing
Encryption-based protocols
Message Authentication-based protocols
Zero-knowledge-based protocols
Key confirmation
Forward secrecy
Unknown key share security
Key transport
Diffie-Hellman key agreement
Station-to-station protocol
Oblivious transfer
Zero-knowledge
Σ-Protocols
Secure multi-party computation
Group signatures
Ring signatures
Blind signatures
Identity-based encryption
linearly homomorphic encryption
Fully homomorphic encryption
Coordination of resources vs coordination of resources
Client-server models
Storage systems
n-tier multi tenancy models
Databases
Edgers
Public
private
Hybrid
Multi-cloud
Big data services
High performance computing
P2P
Kademlia
Napster
Gnutella
Wireless sensor networks
Online gaming systems
Access/admission control & ID management
Data transportation
Resource management & coordination services
Confidentiality integrity & availability
Side channel attacks
Data consistency
Hybrid P2P protocols
Hierarchical P2P protocols
Symmetry of interfaces
Resilience to perturbations
Survivability through replication
Peer Resources at the network's edge
Address variance
Message passing
Distributed hash table
P2P operations
P2P data structures
Denial of service (DoS)
Collusion attacks
Pollution attacks
White washing
Buffer map cheating attacks
Sybil attacks
Routing table poisoning
Localised eclipse attacks
Topology aware localised eclipse attacks
Outgoing eclipse attacks
Reliable & secure group communication
Synchronous
Asynchronous
Partially synchronous
Validity
Termination
Strict consistency
linearisability
Sequential consistency
Causal consistency
Eventual consistency
Replication & coordination
Paxos
Byzantine Fault tolerance
Commit protocols
Consistency
Availability
Partition
Timing based
Value based
Characteristics
IaaS
PaaS
Operational attributes
Client-server model
Compromise of resources
Compromise of access/admission control
Compromise of VM
Compromise of scheduler
Compromise of broker
Compromise of communication
Mitigations
Web services
Key distribution
Storage
Transactional services, databases
Properties
Proof of work
Short transactions
Large transactions
E-commerce supporting transactions
Informational systems
Malicious extensions
Bootkit
Memory errors (software)
Memory corruption (hardware)
Uninitialised data leakage
Concurrency bugs and double fetch
Side channels (hardware)
Side channels (speculative)
Side channels (software)
Resource depletion (DoS)
Deadlocks (DoS)
Attack surface
isolation
mediation
IoT
security domains
Single domain
Monolithic OS
Microkernel based multi-server
Unikernel
Hypervisors
QubesOS
Drawbacks
Containers
Principle of economy of mechanism
Principle of fail-safe defaults
Principle of complete mediation
Principle of open design
Principle of separation of privilege
Principle of least authority
Principle of least common mechanism
Principle of psychological acceptability
Bell-LaPadula model
Biba model
Principle of minimizing the trusted computing base
Principle of intentional use
Trusted computer system evaluation criteria
Capabilities
Low-end devices and IoT
Physical access and secure deletion
Rings
Virtual memory
Hierarchical filesystems
Mandatory access controls
Discretionary access controls
Segmentation
Paging
Intel MPX
Intel MPK
memory tagging extensions
memory protection unit
Intel SGX
ARM TrustZone
DMA
ring 0
ring -1
ring -2
ring -3 / Intel ME
Formal verification
Fine-grained randomisation
KASLR
Shadow stacks
Indirect branch tracking
Pointer authentication
Data-flow integrity
Control-flow integrity
Write xor execute
SMEP & SMAP
Meltdown
Spectre
RIDL
Partitioning micro-architectural states
Page colouring
Boot checks
UEFI
Hypervisor supported introspection
Driver signing
PCRs
Anomaly detection
Querying encrypted databases
Homomorphic encryption
Merkle hash trees
PaX team
GRSecurity
System design
Code level
Configuration level
Towards More Scientific Development Methods
Limitations
Trace Properties
Hyperproperties
Relations on Systems
Logics and Specification Languages
Interactive Theorem Proving
Decision Procedures
Static Analysis
Dynamic Analysis
Hardware Verification
Side-Channels
API Attacks on Security Hardware
Theorem Proving
Model Checking Trace Properties
Model Checking Non-trace Properties
Stochastic Methods
Game-based Proofs
Simulation-based Proofs
Static Analysis and Typing
Self-composition and Product Programs
Freedom from side-channel attacks
Memory safety
Cryptographic security
Low-level Code
Functional Correctness of Kernel Components
Absence of Bug Classes
Web Programming
Web Components
Component Interaction
Full-stack Verification
Policy Analysis
Specification-based Synthesis
Breaches are costly
Vulnerabilities can be exploited without being noticed
Patching can introduce vulnerabilities
Customers don't apply patches
Trusted computing
Vulnerability response & disclosure
Planning the implementation & deployment of secure development
Manage the security risk of using third-party components
Perform static analysis security testing
Perform dynamic analysis security testing
Perform penetration testing
Secure coding practices
Secure design principles
legal & industry requirement
Internal policies & standards
Incidents & feedback
Threats & risk
Common criteria
Manage the security risk of using third-party components
Perform dynamic analysis security testing
Design & use cryptography standards
Use approved tools
Establish a standard incident response process
Provide training
SQUARE
KAOS
KPIs
PCI DSS
GDPR
Saltzer & Schroeder principles
IEEE center for secure design principles
STRIDE
Games for threat modelling
Attack resistance analysis
Ambiguity analysis
Weakness analysis
Code review (tools)
Penetration testing
Security requirements
Security operations
Human error
OWASP ASVS
Provide training
Use software composition analysis & governance
Use tools & automation
Keep credentials safe
Use continuous learning & monitoring
OWASP mobile application security verification standard
Mobile security testing guide
Mobile app security checklist
Mobile application architecture
Mobile data
Threat agent identification
Methods of attack
Controls
Multitenancy
Tokenisation of sensitive data
Data encryption & key management
Shared-domain issues
SSO
Use of RFID tags
Default passwords & credentials
Use the manufacturer usage description
Develop a secure upgrade process
US National highway traffic safety administration
ISO/SAE 21434
US SPY car act
Intelligent & connected vehicles initiative
SAMM
BSIMM
Structural testing
Methodical testing
Methodical design
Semi-formal design
Semi-formal verified design
Formally verified design
ssl101
CVEs & CWEs
Safe languages
Spatial vulnerabilities
Temporal vulnerabilities
Code corruption attacks
Control-flow hijack attacks
Information leak attack
Data-only-attacks
SQL Injection
Command injection vulnerabilities
Script injection vulnerabilities (XSS)
Stored injection vulnerabilities
higher-order injection vulnerabilities
Concurrency bugs
Time-of-check to time-of-use
Correct use
Correct implementation
Software-based Side-channels
Covert channels
Micro-architectural effects
Physical fault-injection
Rowhammer
Information flow
Defensive programming
Sandboxing
Principle of least privilege
Assertions
Contracts
Dangerous functions
Programming idioms
Resource acquisition is initialisation
Move semantics
Smart pointers
Checking compliance
MISRA
Trapped errors
Untrapped errors
Memory management mitigations
Immutable state
Dynamic checks
Static checks
Type systems
Query generation
Ownership
Aliasing
Stack canaries
Non-executable memory
Control flow integrity
ASLR
Compartmentalisation
Object-capability systems
Monitors
Jails
Soundness
Completeness
Taint analysis
Information flow analysis
Program verification
Abstract interpretation
Model checking
Soundiness
Black-box fuzzing
White-box fuzzing
Dynamic symbolic execution
Pre/post-conditions
Design by contract
Appification
Cookies
Uniform resource locators (URLs)
Hypertext markup language (HTML)
Cascading style sheets (CSS)
WebAssembly (Wasm)
WebViews
Protocol format
Script processing
Side-loading
Vetting procedure
Signing
Impact of user ratings & reviews on application security
Application isolation
Same origin policy (SOP)
Content security policy (CSP)
Security principles
Reference monitor
Different permission approaches
System applications
Third-party applications
Warning messages
Adoption
Rogue certificate authorities & certificate transparency
Form-based authentication
Biometrics
Graphical passwords
Unlock patterns
Password policies
Password strength meters
Password managers
WebAuthn
Auth
European payment services directive 2
Automatic updates in browsers
Automatic updates in apps
Outdated third party libraries
Address bar manipulation attacks
Internationalised domain name homograph attacks
Anti-phishing training
Drive-by-download attacks
Confused deputy attacks
HTML5-based storage
Information leaks in android applications
Smudge attacks
Shoulder surfing
Input sanitisation
Cross-site request forgery (CSRF)
Blind attacks
Second order attacks
Prepared statements
Restrictive development frameworks
Metadata filtering
Same-origin policies
Path sanitisation
Stored XSS attacks
Reflected XSS attacks
HeartBleed
Firewalls
HTTPS misconfigurations
Password leaks
Embedded systems
Real-time systems
Network protocols
Sensor networks
Discrete-time control
Networked-controlled systems
Hybrid systems
Safety
Reliability
Fault tolerance
Robust control
Safety vs security
protection of generators
Under frequency load shedding (UFLS)
Overcurrent protection
Over/under voltage
Architectural threats
High-profile real-world attacks
Lightweight security
Secure microkernels
Preventing transduction attacks
Bump-in-the-wire
Wireless shield
Remote attestation
Network intrusion detection
Physics-based attack detection
Historical anomalies
Physical-law anomalies
Out-of-band detection
Active detection
Resilient control systems
Conservative control
Resilient estimation
Sensor fusion
Virtual sensors
Constraining actuation
Inertial resets
Reactive control compensation
Safe control actions
PLCs
RTUs
corporate networks
SCADA
Regulatory control
OT networks
Intrusion detection
Bulk power system
Efficiency
Consumer choice
Load-altering attacks
Traffic flow control
Demand management
Incident management
Vulnerabilities
Privacy concerns of drones
Transduction attacks on sensors
Attacks on quality
Safety problems
Attacks
Touch-to-access principle
DDoS attacks
Botnets
Privacy invasions
Attacks on digital assistants
Security hubs
Regulation
Incentives
Cyber criminals
Disgruntled employees
Terrorists & activists
Tallinn manual
Koh speech
Acts of war
ISA 99/IEC 62443
NIST SP 800-53
NIST-IR 762
NERC standards
IEC 104
PROFINET
IEC 62351
ETSI TS 103 645
Threat model
Systems
Current, voltage
Logic
Register transfers
Algorithms
Transistors
Gates, flip-flops, etc
ALUs, RAM, etc
Processor
Physical partitions
Transistor layout
Cell layout
Module layout
Floorplans
SIMs
TPMs
Common Criteria & EMVCo
SESIP
Approved cryptographic algorithms
Tamper evidence
Hardware security module (HSM)
secure element & smartcard
Root of trust for measurement
Root of trust for storage
Root of trust for reporting
IBM 4758 secure coprocessor
ARM trustzone
Virtual machines
Trusted execution environment
Small TCB implementations
Zero TCB implementations
Intel software guard extension (SGX)
Qarma
SMART
Hardware shadow stacks
Isolation
Sealed storage
Memory protection
Protection
Cryptocurrency mining
Public key algorithms
Quantum resistant algorithms
Homomorphic encryption schemes
Secret key algorithms
Secret key light-weight algorithms
Electronic design automation (EDA)
Register transfer level (RTL)
Application specific integrated circuit (ASIC)
Field programmable gate array (FPGA)
Power consumption
RowHammer
Sensors
Foreshadow
Differential power analysis
Electro-magnetic radiation attacks
Template attacks
Simple power analysis
Constant time execution
Redundancy
Randomisation
Masking
Hiding
Micro-code updates
Machine learning attacks
Weak PUFs
Strong PUFs
True random number generation (TRNG)
Pseudo random number generation (PRNG)
Time
Design & fabrication of silicon integrated circuits
Trojan circuits
Circuit level techniques
Board level security
Secrecy Capacity
Friendly Jamming
Quantisation
Information reconciliation
Key verification
Orthogonal blinding
Zero-forcing
Integrity codes
Frequency Hopping
Direct sequence spread spectrum
Chirping
Countermeasures
Coordinated spread spectrum techniques
Uncoordinated spread spectrum techniques
Signal annihilation & overshadowing
Constant
Reactive
Device under identification
Inferred characteristics
Modulation errors
Time-related parameters
Clock skew
Turn-on transient duration
Universality
Uniqueness
Collectability
Permanence
Robustness
Data-dependency
Signal replay
Feature replay
Distance measurement techniques
Distance fraud
Mafia fraud
Terrorist fraud
Distance hijacking
RSSI-based distance estimation attacks
Time of flight based ranging attacks
Spoofing attacks
Verifiable multilateration
Secure positioning based on hidden stations
Wormhole attacks
Shielding
Multi-factor authentication
Protocol augmentation
Timing restrictions
Distance bounding
ADS-B
Multilateration
GSM
3G
GPRS
4G (LTE)
Authentication protocols
5G
Galileo
Signal spoofing attacks
Non-coherent & modified message contents
Non-coherent but unmodified Message contents
Coherent but modified message contents
Coherent & unmodified message contents
Seamless takeover attack
Counter measures
The Cryptographic Triumvirate
Hash functions
Block ciphers
Message Authentication Code (MAC) schemes
AE Security
Nonces in AE
AE Variants
Constructing AE Schemes
PKE Security
Key Encapsulation Mechanisms
Some common PKE schemes and KEMs
From Diffie-Hellman to ElGamal
Digital Signatures
Cryptographic Diversity
The Adversary
The Role of Formal Security Definitions and Proofs
Key Sizes
Development of Standardised Cryptography
Post-quantum Cryptography
Quantum Key Distribution
From Schemes to Protocols
Cryptographic Libraries
API Design for Cryptographic Libraries
Length Side Channels
Timing Side Channels
Error Side Channels
Attacks Arising from Shared Resources
Implementation Weaknesses
Attacks Arising from Composition
Hardware Side Channels
Fault Attacks
Defences
Random Bit Generation
The Key Life-cycle
Key Derivation
Password-Based Key Derivation
Key Generation
Key Storage
Key Transportation
Refreshing Keys and Forward Security
Binding Public Keys and Identities via Certificates
Reliance on Naming, CA Operations and Time
Reliance on Certificate Status Information
Reliance on Correct Software and Unbroken Cryptography
Other Approaches to Managing Public Keys
The Challenges of Consuming Cryptography
Addressing the Challenges
Making Cryptography Invisible
Transport Layer Security
Apple Message
Signal
Telegram
Contact Tracing à la DP-3T
Future of Applied Cryptography
Security Goals in Networked Systems
Attacker Models
Local Area Networks (LANs)
Connected Networks and the Internet
Bus Networks
Wireless Networks
Fully Distributed Networks: DHTs and Unstructured P2P Networks
Software-Defined Networking and Network Function Virtualisation
IPv4 Security
Hyper Text Transfer Protocol Secure (HTTPS)
DNS Security
Network Time Protocol (NTP) Security
Distributed Hash Table (DHT) Security
Anonymous and Censorship-Free Communication
TLS (Transport Layer Security)
Public Key Infrastructure
TCP Security
UDP Security
QUIC
IP Spoofing
Fragmentation Attacks
VPNs and IPsec
NAT
IPv6 Security
Within an Autonomous System (AS)
Across ASs
ICMP Security
Port-based Network Access Control (IEEE 802.1X)
WAN Link-Layer Security
Attacks on Ethernet Switches
Address Resolution Protocol (ARP) / Neighbor Discovery Protocol (NDP)
Network Segmentation
Wireless Security
Bus Security
Application Gateway (AG)
Circuit-level Gateway (CG)
DMZ
Intrusion Prevention System (IPS)
Network Security Monitoring
SDN and NFV Security
Network Access Control
Zero Trust Networking
DoS Countermeasures
Cloud and Data Center Security
Delay-Tolerant Networks and Ad-hoc Sensors Networks
Network Covert Channels
Payment Networks
Physical-Layer Security
Networking Infrastructure Security
Cross-Border Regulations
Cyber-enabled crime vs cyber-dependent crime
Cyberbullying
Doxing
Cyberstalking
Sextortion
Child Predation
Advance fee fraud
Drug dealing
Phishing
Ransomware
Directive on privacy & electronic communications
Privacy & electronic communications regulations
CAN-SPAM
Botnet as a service
Card skimming
Insider threats
Dumpz
Fullz
Click fraud botnets
Monetization rates
Cryptojacking
Low Orbit Ion Cannon
Denial of service
Low Orbit Ion Cannon
Data leaks
Web defacements
Differences from financially motivated attacks
Sabotage
Espionage
Disinformation
Affiliate programmes
Malicious attachments
Black hat search engine optimisation
Drive-by download attacks
Compromising internet-connected devices
Bulletproof hosting
Multi-tier botnets
Fast flux
Domain flux
Exploit kits
Pay-per-install services
CAPTCHA solving services
Fake accounts
Content generation
Reshipping Mules
Credit card processors
Paypal
Western Union & untraceable payments
Cryptocurrencies
Flow of capital
Attribution
Attack Graphs
Reconnaissance
Weaponisation
Delivery
Exploitation
Installation
Command & control
Actions on objectives
Other models
Routine activity theory
Rational choice theory
Pattern theory of crime
Crime scripting
Hot spots
Hot products
Repeat victims
Adaptation
Displacement
Forensic science
Cyber domain
Digital (forensic) trace
Computer misuse act
Cyber crime
Standards for the presentation of scientific evidence in legal proceedings
ACPO good practice guide for digital evidence
BS EN ISO/IEC 17020:2012
BS EN ISO/IEC 17025:2005
Relevance
DFRWST
NIST
Working
State-centric
History-centric
The sense making loop
Differential analysis
External data sources
Schema
Sense-making loop
Search & Filter
Read & Extract
Schematize
Build Case
Tell Story
re-evaluate
Search for support
Search for evidence
Search for relations
Search for information
Explore
Enrich
Exploit
Benefits of Independent Forensic reconstruction
Physical media
Block device
File system
Application artifacts
Mobile phone data acquisition
chip-off techniques
RAID data recovery
Approaches to API based recovery
Block-level acquisition
Cryptographic hashes
Technical challenges
Legal challenges
Blocks
Files
File systems
Partitions
logical volumes
Carving techniques
Fragmentation
Slack space
Process information
File information
Network connections
Artifacts & fragments
Challenges of live forensics
URL history
Form data
Temporary files
Downloaded files
HTML5 Local storage
Forensic challenges
SaaS
IaaS
Partial replication
Revision acquisition
Cloud-native artifacts
Cryptographic hashing
Block-level analysis
Cloud-native artifacts
Bytewise matching
Syntactic matching
Semantic matching
Bytewise approximate matching
Potentially unwanted programs
Standalone or host-program
Persistent or transient
Layers of system stack
Auto-spreading
Dynamically updatable
Coordinated
Viruses
Malicious browser extensions
Botnet malware
Memory-resident malware
Advanced persistent threats
Underground eco-system
Confidentiality
Integrity
Static analysis
Dynamic analysis
Fuzzing
Symbolic execution
Offline concolic execution
Online concolic execution
Hybrid execution
Path exploration
Machine emulator
Type 2 hypervisor
Type 1 hypervisor
Bare-metal machine
Safety & live-environment requirements
Virtualised Network environments
Packing
Code Emulation
Basic blocks
Tracing
Finger printing
Multi-path analysis
Red pill techniques
Malware distribution methods
Malware infection sites
Runtime detection
Heuristics
Polymorphism
Update routines
Machine learning-based security analytics
Host-based
Network-based
Spam detection
DDoS detection
Ransomware detection
Botnet detection
Machine Learning counter measures
DNS Fast-flux
Domain-name generation algorithms
Command & Control takedown
P2P takedown
Historical signatures
WHOIS
Security information & event management (SIEM)
Security orchestration analytics & reporting (SOAR)
MAPE-K
Demilitarised zone (DMZ)
Intrusion prevention systems
CISOs & analysts
Cyber-threat intelligence (CTI)
Information sharing & analysis center (ISAC)
Volume
Packet size
Segmentation & fragmentation
Timestamps
MAC layer interpretation
Application layer interpretation
Encryption
LoRa
Profinet IRT
Netflow/IPFix
DNS
DNSSEC
DNS as DDoS amplifier
detecting botnets by DNS
BGP hijacks
Common log format
Extended common log format
Files & documents
Audit trails
Orange book
STIDE
Expert-BSM
Format
Protocol
CVE
Antivirus engines
Haystack & NIDES
Snort
YARA
support vector machines
C4.5
Graph-based models
Anomaly models
Specification vs learning
Adherence to use cases
Blended misuse & anomaly detection
Datasets
Machine learning for malware detection
Encoding
Transport protocol
Syslog
CEF
LEEF
CIM
XDAS/CADF
CEE
IDMEF
Correlation between alerts
Correlation between alerts & the environment
Correlation between alerts & external services
Incident & Information exchange
Session border controllers
Web application firewalls
Software defined networking (SDN)
Cyber Insurance Models
CVSS
CWE
CAPEC
Indicators of compromise
Signatures
Information sharing & analysis centres
TF-CSIRT
FIRST
ENISA
Mitigation
Gathering evidence
Performance metrics
Communication
Attack attribution
Effectiveness
Satisfaction
alarm fatigue
One-time passwords
Improving memory
Passwords
Human biases
CAPTCHAs
Production & enabling tasks
Workarounds to security mechanisms
Workload measurement
Security fatigue
Compliance fatigue
contextual inquiry
Light
Noise
Temperature
Pollution
Social context
Device capabilities & limitations
Latent usability failures in systems-of-systems
Mixed-mode thinking
Shadow security
Security hygiene
Only the first step
Education
Training
Security awareness games
Mental models of cyber risks & defences
Fear uncertainty & doubt
People are not the weakest link
Projective techniques
Creative security engagements
Physical models
Developers & password security
App development & vulnerabilities
StackOverflow
API usability
Disconnects between developers & users
Legal terminology
Applying law to cyberspace & information technologies
Criminal law
Civil law
Liability & courts
Evidence & proof
Holistic approaches to legal risk analysis
Prescriptive jurisdiction over online content
Prescriptive jurisdiction over computer crime
Seizure & forfeiture of servers domain Names & registries
Territorial location of the right to demand repayment of bank deposits
Foreign recognition & enforcement of civil judgments
Arrest of natural persons in state territory
Extradition of natural persons
Technological content filtering
Orders to in-state persons directing production of data under their control whether held on domestic or foreign IT systems
International legal assistance
data sovereignty
Metadata
Human rights
Interception by a state
Interception by persons Other than states
Enforcement of privacy laws
Definitions
De-anonymisation
Processing
Controller & processor
Core Regulatory principles
Transfers pursuant to international mutual legal assistance treaty
Derogations allowing transfers
Personal data breach notification
Enforcement & penalties
Improper access to a system
Improper interference with data
Improper interference with systems
Improper interception of communication
De Minimis exceptions to crimes against information systems
The enforcement of & penalties for crimes against information systems
Warranted state activity
Research & development activities conducted by Non-state persons
Undisclosed software locks
Hack-back
Time of contract & receipt of contractual communication
Supply chain
Closed trading & payment systems
Freedom of contract & its limitations
Warranties & their exclusion
Limitations of liability & exclusions of liability
Breach of contract & remedies
Effects of contract on Non-contracting parties
Conflict of law-contracts
Understanding intellectual property
Copyright
Patents
Trademarks
Trade Secrets
Criminal liability
Civil liability
Circumventing copyright technological protection measures
Testing a proprietary cryptographic algorithm
International treatment & conflict of law
Shields from liability
Take-down procedures
Admission into evidence of electronic documents
Requirements of form & the threat of unenforceability
Electronic signatures & identity trust services
Conflict of law - electronic signatures & trust services
NIS directive
Restrictions on exporting security technologies
Matters classified as secret By a state
Attributing action to a state under international law
State cyber operations in general
Cyber espionage in peacetime
Cross-border criminal investigation
The law of armed conflict
Obligations owed to a client
Codes of conduct
Vulnerability disclosure
Facilitating & acting on vulnerability disclosure
E2EE
OTR
Outsourcing
Private information retrieval
Efficiency concerns
Collaborative computation
ZK-SNARK
Attribute based credentials
K-anonymity
L-diversity
Generalisation
Suppression
Dummy addition
Perturbation
Mix networks
VPNs
Difficulty of defence
Cookie-based techniques
Clustering techniques
Machine Learning based techniques
P3P
Purpose-based access control
Sticky policies
Privacy policy interpretability
Privacy mirrors
Privacy nudges
Formal methods-based approaches
Distributed ledgers
Ballot secrecy
Universal verifiability
Eligibility verifiability
Verifiable shuffles
Blind-signature-based schemes
Homomorphic encryption-based schemes
Anonymous petitions
Eternity service
Freenet
Tangler
Mimicking
Tunneling
Bridging
Refraction networking
Minimize trust
Minimize risk
Minimise collection
Minimise disclosure
Minimise replication
Minimise centralization
Minimise linkability
Privacy evaluation
Risk assessment
Levels of perceived risk
Technocratic
Decisionistic
Transparent
Risk Perception Factors
Training & inducement of behaviour change
Creation of confidence
Involvement
Awareness metrics
Just culture
Presentation of risk assessment information
Risk communication principles
Component vs systems perspectives
Vulnerability
Threat
Likelihood
Impact
Prepare
Conduct
Communicate
Maintain
ISO/IEC 27005
FAIR
Octave allegro
Attack trees
STAMP
TOGAF
Dependency modelling
SABSA
OT
ICS & CNI
NIS
Triaging
Patching and reconfiguring
Role of automation
Characteristics of good metrics
Regulatory compliance
Actor-oriented approaches
Quantitative vs qualitative approaches
Plan & prepare
Detection & reporting
Assessment & decision
Response
Learning
Establish incident response capability
Roles
Recovery
Test
Report
Gather evidence
Develop
Copyright © 2020