BMW WELT München, 14. November 2017

Similar documents
Chapter 1: Positional Play

Advanced Players Newsletter

Chess Rules- The Ultimate Guide for Beginners

Contents. Introduction 5 How to Study this Book 5

Chess for Kids and Parents

POSITIONAL EVALUATION

All games have an opening. Most games have a middle game. Some games have an ending.

White Gambits. Boris Alterman

Tactics Time. Interviews w/ Chess Gurus John Herron Interview Tim Brennan

Dan Heisman. Is Your Move Safe? Boston

An End Game in West Valley City, Utah (at the Harman Chess Club)

Essential Chess Basics (Updated Version) provided by Chessolutions.com

C SC 483 Chess and AI: Computation and Cognition. Lecture 2 August 27th

The King Hunt - Mato Jelic

OPENING IDEA 3: THE KNIGHT AND BISHOP ATTACK

Queen vs 3 minor pieces

LEARN TO PLAY CHESS CONTENTS 1 INTRODUCTION. Terry Marris December 2004

A Simple Pawn End Game

- 10. Victor GOLENISHCHEV TRAINING PROGRAM FOR CHESS PLAYERS 2 ND CATEGORY (ELO ) EDITOR-IN-CHIEF: ANATOLY KARPOV. Russian CHESS House

1. I m considering buying a chess computer, what are some of the advantages of owning one?

Contents. Part 1: General. Part 2: The Opening. Part 3: Tactics and Combinations. Introduction 6 Symbols 6

D35 Alekhine,A Capablanca,J H Buenos Aires 1927

Chess Lessons in Utah

Chess Handbook: Course One

CHESS IN SCHOOLS DO WE TEACH IT THE RIGHT WAY?

2. Review of Pawns p

Here is Part Seven of your 11 part course "Openings and End Game Strategies."

FOR THE CROWN Sample Play

C SC 483 Chess and AI: Computation and Cognition. Lecture 5 September 24th

ChesServe Test Plan. ChesServe CS 451 Allan Caffee Charles Conroy Kyle Golrick Christopher Gore David Kerkeslager

Mastering basic rook endgames

Adamczewski,Jedrzej (1645) - Jankowski,Aleksander (1779) [C02] Rubinstein Memorial op-c 40th Polanica Zdroj (2),

Chess Evolution 2. Artur Yusupov

Unit. The double attack. Types of double attack. With which pieces? Notes and observations

The Evergreen Game. Adolf Anderssen - Jean Dufresne Berlin 1852

The Grandmaster s Positional Understanding Lesson 1: Positional Understanding

12 Special Moves - Stalemate, Pawn Promotion, Castling, En Passant capture

The Chess Set. The Chessboard

Welcome to the Brain Games Chess Help File.

DOWNLOAD PDF HOW TO PLAY CHESS! TACTICS, TRAPS, AND TIPS FOR BEGINNERS

Read & Download (PDF Kindle) Beginning Chess: Over 300 Elementary Problems For Players New To The Game

Content Page. Odds about Card Distribution P Strategies in defending

Lahno, Kateryna (2472) - Carlsen, Magnus (2567) [B56] Lausanne YM 5th (3.2),

Review on The Secret of Chess by Lyudmil Tsvetkov. by IM Herman Grooten

CHESS SOLUTION PREP GUIDE.

EFGHY -sn-+( +ktr-' -zp-zp& tr-+-%

Blunder Buster Volume 1, Issue 2

PUT YOUR COMPETITION IN CHECKMATE

The Basic Rules of Chess

After learning the Rules, What should beginners learn next?

St. Louise School Chess Club Handbook

Jiang, Louie (2202) - Barbeau, Sylvain (2404) [C74] Montreal Pere Noel (4),

xiiiiiiiiy zpkzp0

Chess Evolution 3. Artur Yusupov

Yuri Averbakh Mihails Beiļins JOURNEY TO THE CHESS KINGDOM

Black Gambits 1. Boris Alterman

If a pawn is still on its original square, it can move two squares or one square ahead. Pawn Movement

Guidelines III Claims for a draw in the last two minutes how should the arbiter react? The Draw Claim

SDS PODCAST EPISODE 110 ALPHAGO ZERO

Novice Nook. When You're Winning, It's a Whole Different Game. Dan Heisman

Winning Chess Strategies

LESSON 2. Opening Leads Against Suit Contracts. General Concepts. General Introduction. Group Activities. Sample Deals

Welcome & Introduction

Chess, a mathematical definition

FIDE Trainer António Fróis

THE ART OF SACRIFICE IN CHESS, 21ST CENTURY EDITION BY RUDOLF SPIELMANN

How to Become Master Rated in One Year or Less.

LESSON 8. Putting It All Together. General Concepts. General Introduction. Group Activities. Sample Deals

KEYS AND FEATURES AT A GLANCE

Shkapenko, Pavel (2404) - Kalvaitis, Sigitas (2245) [D20] Cracovia op 18th Krakow (8),

The Pieces Lesson. In your chess set there are six different types of piece.

Capablanca s Advice. Game #1. Rhys Goldstein, February 2012

White just retreated his rook from g7 to g3. Alertly observing an absolute PIN, your move is?

2012 Alexey W. Root. Publisher: Mongoose Press 1005 Boylston Street, Suite 324 Newton Highlands, MA

Part IV Caro Kann Exchange Variation

How to Play Chess Well A Simple Method For Playing Good Positional Chess Copyright 2011 by Ed Kotski

3. Bishops b. The main objective of this lesson is to teach the rules of movement for the bishops.

LESSON 3. Third-Hand Play. General Concepts. General Introduction. Group Activities. Sample Deals

Team Chess Battle. Analog Games in a Digital Space

Ollivier,Alain (1600) - Priser,Jacques (1780) [D05] Fouesnant op 10th (7),

Operation Blue Metal Event Outline. Participant Requirements. Patronage Card

21 Days to Supercharge Your Chess. by Yury Markushin

Introduction 5 Algebraic Notation 6 What s So Special About the Endgame? 8

LESSON 6. Finding Key Cards. General Concepts. General Introduction. Group Activities. Sample Deals

COLLECTIONS All the requirements are pretty straightforward. Don t bring the whole collection if it is big. Bring a sampling and some photo s.

YourTurnMyTurn.com: chess rules. Jan Willem Schoonhoven Copyright 2018 YourTurnMyTurn.com

Movement of the pieces

Window to Chess Composition First published in

U120 TRAINING RUNNING REPORT IAN HUNNABLE WANSTEAD & WOODFORD CHESS CLUB

An analysis of Cannon By Keith Carter

Contents. King and Pawn Endings 9. Knight Endings 46. Same-Coloured Bishop Endings 60. Symbols 6 Introduction 7

Helbig, Uwe (2227) - Zvara, Petr (2420) [A45] Oberliga Bayern 0607 (9.6),

A NIGHT AT THE OPERA

Chess Books on Grandmasters

ALL YOU SHOULD KNOW ABOUT REVOKES

Perry High School. 2 nd Semester!

XIIIIIIIIY 8-+-trk+-tr0 7+lwqpvlpzpp0 6p+n+p PzP R+RmK-0 xabcdefghy


Challenging the Nimzo-Indian

Whitcomb Wins Harman Chess Club Championship of 2018

Transcription:

BMW WELT München, 14. November 2017 1 CyberSecurity Day München, 14.11.2017 ectacom GmbH 2017

AGENDA 09:00 bis 10:45 CyberSecurity Basics N. Smajic, Director Services, ectacom 10:45 bis 12:00 Chess Brainpower against Cyber Threats (auf Englisch) S. Jevtic, Chess FIDE-Master (FM) 12:00 bis 13:00 Lunch-Buffet Gastronomie Käfer 13:00 bis 13:45 The Challenge Identifying the most effective Security Solution? R. Lai, Senior Business Development Manager, NSS Labs 13:45 bis 14:30 Kaspersky Anti-Targeted Attack (KATA) T. Brandt, Head Of PreSales, Consulting & Education, Kaspersky Lab 14:30 bis 15:15 Kaspersky Security Intelligence Services (KSIS) D. Narr, Sr. Consultant Threat Intelligence Services, Kaspersky Lab 15:15 bis 16:00 Kaspersky Industrial CyberSecurity (KICS) T. Brandt, Head Of PreSales, Consulting & Education, Kaspersky Lab Ab 16:15 BMW WERKSFÜHRUNG 16:15 bis 18:15 Gruppenwerkführung auf Englisch 16:30 bis 18:30 Gruppenwerksführung auf Deutsch 2 CyberSecurity Day München, 14.11.2017 ectacom GmbH 2017

Chess Brainpower against Cyber Threats Sasa Jevtic, FIDE Trainer & FIDE Master 3 CyberSecurity Day München, 14.11.2017 ectacom GmbH 2017

CHESS BRAINPOWER AGAINST CYBERTHREATS Sasa Jevtic, Chess FIDE Trainer (FT) & FIDE-Master (FM) 1. Introduction 2. What is Chess? 3. The Basic relations Chess Security Basics The King The Pawns Other Pieces Coordination Game Dynamics Keeping up-to-date 4. Fundamentar Chess Concepts and Principles Practice to be better The Force The Time The Space The Structure The Psychology The Defense in Chess The Planning 5. Conclusion A G E N D A 10 Hours Online Chess Training Price Draw 4 participants has the opportunity to take part in a prize draw. Ask and Answer Open discussions 4 CyberSecurity Day München, 14.11.2017 ectacom GmbH 2017

1. INTRODUCTION Chess is the game in which two players use strategic and tactical concepts in order to outplay each other. If we take a look long time in the past, we can notice that military leaders used many of chess strategic and tactical concepts for their actions and purposes. For the same reason, nowadays, chess can be an excellent tool for security leaders. Today we will try to make some parallels between chess and security. Through many practical examples we will try to learn how strong chess player think and how they apply fundamental concepts in chess. That knowledge may help you to be better in your battles against cyber threats. 5 CyberSecurity Day München, 14.11.2017 ectacom GmbH 2017

2. WHAT IS CHESS? Chess is a board game between two players which is played on a chessboard, board with 64 squares arranged in an 8 8 grid. The objective is to checkmate the opponent's king by placing it under an inescapable threat of capture. Pieces in chess have different absolute value. It is very important to know in order to make good exchanges during the game. 6 CyberSecurity Day München, 14.11.2017 ectacom GmbH 2017

3.1 THE BASIC RELATIONS: CHESS & SECURITY CHESS: board and pieces, learn the basic rules, find your opponent and start to play. Winning in that "battle" is much more complicated and it depends on your knowledge, strength and skills, but at the same time it depends on a person who is in front of you. SECURITY: define your scope of operations; invest in people, processes and technologies; implement your controls and begin to deal with cyber threats. But, that will not make you being a leader in cyber security. It will require much more. CHESS: scope of operations is chess board (64 chess squares) SECURITY: many factors to consider: outsourcing, third-party applications, unauthorized systems, cloud operations etc. But, the same as in chess if you neglect any part of your security board you will give opportunity to your opponents (attackers). 7 CyberSecurity Day München, 14.11.2017 ectacom GmbH 2017

3.1 THE BASIC RELATIONS CHESS: learn the rules and start playing SECURITY: rules of chess are security frameworks. There s a huge difference between implementing basic framework controls and the knowledge and strategy required to be able to use these controls to defeat an attacker 8 CyberSecurity Day München, 14.11.2017 ectacom GmbH 2017

3.1 THE BASIC RELATIONS CHESS: pieces are the tools which players use to implement their game strategy. It is very important that pieces are logically deployed. In order to logically deploy your pieces it is very important to understand each piece and cooperation between them. Beginners usually take into consideration only nominal (absolute) value of each piece. But better players can actually take a look of a relative value of chess pieces. SECURITY: the pieces are your controls which you use to prevent attackers to achieve their goals. If your controls are well deployed your security program will be stronger. But, to be able to deploy controls effectively you need to have high understanding of how your controls work individually or as a team. Each control has to be implemented and used in a particular way in order to make success. 9 CyberSecurity Day München, 14.11.2017 ectacom GmbH 2017

3.2 THE BASIC RELATIONS THE KING CHESS: The role of king in a chess game depends on a game stage. King is mostly always the primary target of our opponent. If King is check-mated, the game is over and we lost. That is why in the openings and middle games King must be safely protected. But, in the endgames, most of other pieces are already gone (traded), the King often becomes the most powerful piece on the board. SECURITY: CISO (Chief Information Security Officer) has the same role as King in chess. CISO will protect the interests of the company which are targeted by attacker and he is in charge on making important decisions. But, if cyber-attack is successful, just like the King in chess, the CISO is in trouble. 10 CyberSecurity Day München, 14.11.2017 ectacom GmbH 2017

3.3 THE BASIC RELATIONS THE PAWNS CHESS: Francoa Andre Philidor said: The Pawns are the soul of chess. During his time there have been many games with gambits (Pawn sacrifices) and other sacrifices which would indicate direct attacks on the King. But, if attack fails that usually means that attacker game was lost. Pawns also provide the structure to keep attackers at distance and allow flexibility and efficiency to other pieces. Also, in the endgame Pawns can be promoted to higher valued pieces which can be very important for winning the game. SECURITY: In security it may happen that you think that your basic security controls have flaws and that you will need new in order to defeat an attacker. But, it may happen that you do not pay attention to the basic controls and processes and you become weaker instead of stronger and you make it easier for attacker to defeat you. This means that it is important to pay constant attention to secure configurations, vulnerability management, control of access and secure SDLC (System Development Life Cycle). 11 CyberSecurity Day München, 14.11.2017 ectacom GmbH 2017

3.4 THE BASIC RELATIONS OTHER PIECES CHESS: Other chess pieces can be major pieces (Queens and Rooks) and minor pieces (Bishops and Knights). They have their own strengths and weaknesses and all of them can be very powerful if used properly, but will have very little value if player has poor playing skills. Exposing a Queen too early in the games means that Queen may become a target and will be chased around the board and may be trapped. Knights are very strong in closed positions or when they can be placed in a central position without possibility to be attacked by any of opponent s pawns (having an outpost). However, knights are much weaker in open positions or when they are stucked at the edge of the board. SECURITY: Each security control has to be used properly to build an effective security strategy. It is very important to understand your security controls, how they are deployed and maintained and how they fit into your incident response processes. If you don`t do this basic work the whole system may get in trouble. 12 CyberSecurity Day München, 14.11.2017 ectacom GmbH 2017

3.5 THE BASIC RELATIONS COORDINATION CHESS: In order to win the game of chess you need to use all of your pieces, but you have to understand how they cooperate together. It would be very wrong to use only one of your pieces to attack the opponent king, or to move the same piece few times in the opening. Such playing strategy will most likely be a failure. SECURITY: All of your basic controls need to work together to be effective in your battle against attacker. If you use only single security control it will be easily bypassed or defeated. That is why it is important to have so-called Defense-in-depth, which means that all of your controls work as a team and provide different layers of security. 13 CyberSecurity Day München, 14.11.2017 ectacom GmbH 2017

3.6 THE BASIC RELATIONS GAME DYNAMICS CHESS: Chess position and chess game in general is never static. Your opponent will all the time look for a weakness in your position and will try to exploit it, just waiting for the right moment to do it. His strategies and tactics will develop and change during the game as new positional weaknesses are discovered. SECURITY: This principal is exactly the same in security. It is important to continually monitor and modify your position. As well as company is changing in terms of business model and the technologies used to support it, your security system must also change and evolve. Even in the most advanced security infrastructures, if your security is static, a weakness will always present itself. 14 CyberSecurity Day München, 14.11.2017 ectacom GmbH 2017

3.7 THE BASIC RELATIONS KEEPING UP TO DATE CHESS: In order to be successful chess player you need to follow all major tournaments in the world, be informed about all news on latest chess theories and be ready to absorb new ideas. Simply, the way how chess was played 50 or 70 years ago is no longer effective at the professional level. SECURITY: In security, also, you need keep up on the latest attacks and defense techniques. It is important to continually improve your controls and your understanding of them. Effective security controls also have a lifespan. For example, if you deployed the best security system three years ago, it is important to evaluate how effective it is today. 15 CyberSecurity Day München, 14.11.2017 ectacom GmbH 2017

4. FUNDAMENTAL CHESS CONCEPTS & PRINCIPLES 4.1 PRACTISE TO BE BETTER CHESS: Famous ex world champion Jose Raul Capablanca said: You may learn much more from a game you lose than from a game you win. You will have to lose hundreds of games before becoming a good player. Beginner in chess will play many games without ever winning. All of those games are practice for getting ready to the real thing the tournament. So, through losing player learns, and as they learn, they get better. SECURITY: Security teams should be constantly practicing for a cyber-attack. This is very useful activity that allows you to constantly improve your security controls and processes by learning from your failures. It should not be limited only to an annual test for audit, it is much better if it is implemented as a regular routine. This approach is the best way to keep security team ready to defend against a real cyber-attack. 16 CyberSecurity Day München, 14.11.2017 ectacom GmbH 2017

4.2 THE FORCE CHESS: As we already know, pieces have their absolute value. Winning pieces helps chess players to win the game. It is easier to checkmate your opponent with material advantage. Your pieces represent your force and that is the material strength that you have compared to your opponent. SECURITY: if you decide to skimp on your controls relative to the type of threats your organization faces, you will have handed the advantage to your opponent from the start. As a reminder, strength isn t a function of how many controls you have or how much money you spend. Strength is based on how your security model is designed and operated. Skimping doesn t just mean not spending enough money it s also about not spending enough time and effort to ensure that your controls work together effectively in terms of people, processes and technology. 17 CyberSecurity Day München, 14.11.2017 ectacom GmbH 2017

4.3 THE TIME CHESS: In chess when we discuss about the time we usually mean on number of moves needed to successfully complete some action. One tempo may very often be decisive. SECURITY: In security, you can think of it as a race between the attacker trying to complete their objective while you are trying to prevent or catch them. If your processes are ad hoc and you are having to learn as you scramble along, it is unlikely that you will catch up with a sophisticated attacker. However, if you train and practice for emergencies and you have your processes well-defined, well-drilled and well-tested, you will have a chance. 18 CyberSecurity Day München, 14.11.2017 ectacom GmbH 2017

4.4 THE SPACE CHESS: In chess, controlling space is very important. Your chess pieces need to be able to work together to execute a specific plan and for that pieces need space. SECURITY: Your security controls needs space to be useful. True defense-indepth is where you have systems of controls that complement each other in terms of the control objective they are there to achieve. For example, nowadays it is very well known that relying on signature-based anti-virus is not sufficient to prevent malware from infiltrating your systems. Numerous layers of different security technologies and processes must be in place and working together to prevent, detect, and respond to modern malware. When you do this effectively, you make it much more difficult for your opponents to succeed. 19 CyberSecurity Day München, 14.11.2017 ectacom GmbH 2017

4.5 THE STRUCTURE CHESS: Structural thinking in chess is very important. For example, beginners pay small attention on pawns, but chess masters study them until they understand all the ways in which they can be used. Also, when pawns create the right structure your major and minor pieces can achieve their full potential. One single pawn can change the whole game if it reaches to the last rank and is being promoted to a queen. SECURITY: Equivalent of pawns are foundational controls. These are all the basic things that should be done correctly without a second thought. These foundational controls include comprehensive asset inventory, vulnerability management, secure system configuration, access control, secure SDLC (System Development Life Cycle), monitoring, incident response, as well as other basics. Together, they give you a solid security foundation that will make it difficult for your opponent to gain an advantage. Even if you acquire the latest and greatest security technology, if you don t have these basic pieces in place, there will be holes that allow attackers to bypass even the most sophisticated controls. 20 CyberSecurity Day München, 14.11.2017 ectacom GmbH 2017

4.6 THE PSYCHOLOGY CHESS: If someone asks who won the game in chess, there is a standard answer the person who made the next to last mistake. One mistake does not mean that we lost the game in chess. Charles De Gaulle said: France has lost the battle, but France has not lost the war. It is very important to fight to the end and not to lose fighting spirit. Famous chess player Savielly Tartakower once said: No one ever won a game by resigning. SECURITY: Even as an incident happens, you may make mistakes, but you must keep going and wait for your opponent to make their mistake. This is the reality of incident response. You need to install this way of thinking into your security team so that they do not face these situations with a defeatist attitude. It s easy to be overwhelmed by the widely held view that defense against cyber criminals is useless. Yes, you may lose, but if you are not willing to go down fighting, then you should not be playing at all. 21 CyberSecurity Day München, 14.11.2017 ectacom GmbH 2017

4.7 THE DEFENSE IN CHESS CHESS: In chess, there are some standard points of attack on the king and they depend on the position of the king (castled king side, castled queen side, un-castled king in the middle of the board). By understanding the principles of attack, you can understand the principles of defense. SECURITY: This idea is also central to security. There are standard approaches bad actors use to conduct an attack. Understanding how security incidents commonly occur can help you see the relevance of various controls and how to implement them effectively. Without this understanding, you will be forced to blindly follow frameworks and policies without fully grasping their significance. Such misinformed action will either cause you to make mistakes or render you unresponsive when your attacker changes their approach. 22 CyberSecurity Day München, 14.11.2017 ectacom GmbH 2017

4.8 THE PLANNING CHESS: Mikhail Chigorin once said: Even a poor plan is better than no plan at all. Planning is a very important skill to have in chess, and there are volumes on how one should go about it. Planning is important for two very good reasons. Firstly, if you have a plan and you are not distracted from it, you have a chance of succeeding. Secondly, without a plan, you are likely to be reactive and not be able to see what is most important. SECURITY: A plan will let you concentrate on what is important and not get distracted by all of the everyday noise that we encounter in this role. It is important to understand what is important and have your plan in place. This will provide you with something to exercise but also a way to deal with an attack should it occur. One thing is very clear: if an attack occurs and you don t have a plan, things will go very badly indeed. 23 CyberSecurity Day München, 14.11.2017 ectacom GmbH 2017

5. THE CONCLUSION CHESS: Ex world champion Anatoly Karpov quoted: Chess is everything: art, science and sport. Since it is also a sport it represents a battle between two players. No one likes to play game and lose. That is why we strive to become better and better. At the highest level, chess is a brutal and unforgiving means of earning a living. The same can be said of security. Security is a fun and rewarding career, but it is not easy. It is rare that you are the key function of your organization s mission. There will always be struggles for budget and resources. But, mistakes can be very expensive. Let us finish with chess quote from ex world champion Garry Kasparov, who is possibly the greatest chess player ever: Setbacks and losses are both inevitable and essential if you re going to improve and become a good, even great, competitor. The art is in avoiding catastrophic losses in key battles. 24 CyberSecurity Day München, 14.11.2017 ectacom GmbH 2017

THANK YOU VIELEN DANK БОЛЬШОЕ СПАСИБО 25 CyberSecurity Day München, 14.11.2017 ectacom GmbH 2017

2024 © hobbydocbox.com Privacy Policy | Terms of Service | Feedback