Posts Tagged “human”
 The attacks on Swiss financial institutes with the aim of unjustified enrichment and the threat of the targeted industrial espionage via the internet are the main topics of the fifth semi-annual report of the Reporting and Analysis Centre for Information Assurance.
The report assesses the situation of the first half of the year 2007 in Switzerland and is now available online and clearly shows that the human factor remains the weakest point of ICT security.
Focus areas of issue 2007/I
- Attacks on Swiss financial services
"Classic" phishing attacks by e-mail with password requests have decreased substantially in Switzerland. Moreover, all such attacks have been unsuccessful. On the other hand, successful attacks with malware have increased. Two-factor authentication systems (e.g. transaction authentication numbers, SecurID, etc.) do not afford protection against such attacks and must be viewed as insecure once the computer of the customer has been infected with malware.
- Industrial espionage and data theft
The threat posed by targeted state or private industrial espionage continues. Not only the operators of critical infrastructures, the armament industry, or public authorities are threatened. Medium-sized industrial companies as well as manufacturers of luxury articles and fashion are also being targeted. The attacks are carried out by sending targeted e-mails to individual employees which contain malware in their attachments or links to bogus websites.
- Attacks on web servers:
malware distribution, phishing, data theft Compromising of web servers has increased. The purpose is to use web servers to distribute malware, such as by drive-by infection, to steal data (especially on commercially used servers), to carry out (interim) storage of data (e.g. in connection with phishing), or to distribute messages that are generally political in nature.
- Malware / attack vectors
Malware is still usually distributed through e-mail attachments or e-mails with links to bogus websites. Using clever social engineering techniques, the victim is deceived into opening the attachment or clicking on the link. Websites installing malware on the computer without any action by the user (drive-by infections) have heavily increased as an infection vector. Vulnerabilities in the operating system, the browser, or other applications are exploited. For a long time now, this no longer only happens on dubious sites, but also on (compromised) serious and well-known sites. Rates of recognition of malware by anti-virus software remain low.
The complete report is available on Melani website in italian, german, french and english.
A complete and useful list of all Internet risks and related protection measures is also available.
Tags: 2007, 24, aim, analysis, Annual, art, ATT, attack, blog, ces, computer, connection, CTU, customer, engine, espionage, human, ia, ict, ICT Security, im, industry, install, internet, IT World, ITU, King, lan, list, malware, melani, nomadcom.net, online, password, phishing, public, risk, security, services, social, storage, swiss, switzerland, theme, threat, user, web, web server, website, wp, www, XP
 No Comments »
Posted by: Cedric in Our World
European curriculum vitae format
|
Name
|
|
Cedric
|
|
Address
|
|
Not Available on the online CV
|
|
Telephone
|
|
Not Available on the online CV
|
|
Fax
|
|
Not Available on the online CV
|
|
E-mail
|
|
click on this link to get it
|
|
Date of birth
|
|
Not Available on the online CV
|
| • Dates (from – to) |
|
1996 – Present day
|
| • Name and address of employer |
|
International Committee of the Red Cross , Geneva, Switzerland
|
| • Type of business or sector |
|
International Humanitarian Organization
|
| • Occupation or position held |
|
Information & Communication Technologies – Regional Coordinator
As from October 2008 : Western Africa based in Abidjan, Côte d'Ivoire
2005 – 2008 : Asia & Pacific based in Bangkok, Thailand
2002 – 2004 : Great Lakes area, Eastern & Southern Africa based in Nairobi, Kenya
1999 – 2001 : Americas based in Bogota, Colombia
1997 – 1999 : Western Africa based in Abidjan, Côte d'Ivoire
1996 – 1997 : Commonwealth of Independent States based in Moscow, Russia
|
| • Main activities and responsibilities |
|
Coordination of telecommunication & computer networks activities of the ICRC
Design & follow-up of ICT regional & institutional projects
Technical adviser for ICRC executives
Technical support to ICT field engineers
Technical support & user training
Financial & administrative tasks related to ICT systems
Negotiations with national & regional providers, telecom authorities, etc..
Human resources management
Implementing institutional ICT policies
|
| |
|
|
| • Dates (from – to) |
|
1993 – 1995
|
| • Name and address of employer |
|
International Committee of the Red Cross, Geneva, Switzerland
|
| • Type of business or sector |
|
International Humanitarian Organization
|
| • Occupation or position held |
|
Information & Communication Technologies – Field Engineer
1993 : Sudan
1994 : Angola, Rwanda
1995 : Angola
|
| • Main activities and responsibilities |
|
Installation and maintenance of radio communication & computer networks
User training & support
|
| |
|
|
| • Dates (from – to) |
|
1992 – 1993
|
| • Name and address of employer |
|
Placement d'Électriciens Bernard Marchon Sarl., Neyruz, Switzerland
|
| • Type of business or sector |
|
Employment agency
|
| • Occupation or position held |
|
Geneva & Lausanne Branch Director
|
| • Main activities and responsibilities |
|
Human Resources
Customer Relations
Administrative & financial related tasks.
|
| |
|
|
| • Dates (from – to) |
|
1988 – 1991
|
| • Name and address of employer |
|
Placement d'Électriciens Bernard Marchon, Neyruz, Switzerland
|
| • Type of business or sector |
|
Employment agency
|
| • Occupation or position held |
|
Geneva Branch Manager
|
| • Main activities and responsibilities |
|
Human Resources
Customer Relations
|
| |
|
|
| • Dates (from – to) |
|
1986 – 1988
|
| • Name and address of employer |
|
Placement d'Électriciens Bernard Marchon, Neyruz, Switzerland
|
| • Type of business or sector |
|
Building Trade
|
| • Occupation or position held |
|
Specialized electrician
|
| • Main activities and responsibilities |
|
Breakdown interventions
Telephone & computer cabling systems
|
| |
|
|
| • Dates (from – to) |
|
1986 – 1988
|
| • Name and address of employer |
|
EggTelsa Électricité Téléphone S.A, Geneva, Switzerland
|
| • Type of business or sector |
|
Building Trade
|
| • Occupation or position held |
|
Electrician
|
| • Main activities and responsibilities |
|
Breakdown interventions
Small & medium construction projects
|
| • Dates (from – to) |
|
2001
|
| • Name and type of organization providing education and training |
|
Universitat Ramon Llull – Enginyeria y Arquitectura La Salle, Barcelona, Spain
Cisco Network Academy Program
|
| • Principal subjects/occupationalskills covered |
|
WAN & LAN Networks, Ethernet Standards, Routing Protocols, Network design, Security policies, Router configuration, IP addressing, Transport protocols, Network Management, Troubleshooting.
|
| • Title of qualification awarded |
|
Cisco Certified Network Associate (CCNA)
|
| |
|
|
| • Dates (from – to) |
|
2001 – 2002
|
| • Name and type of organization providing education and training |
|
Universitat Ramon Llull – Enginyeria y Arquitectura La Salle, Barcelone, Spain
Master in Network & Services of Telecommunications (MXST)
|
| • Principal subjects/occupationalskills covered |
|
Telecommunication networks & services, Network Management, Project Management, Mobile communications.
|
| • Title of qualification awarded |
|
Master in Network & Services of Telecommunication (Màster en Xarxes i Serveis de Telecomunicació).
|
| |
|
|
| • Dates (from – to) |
|
1981 – 1985
|
| • Name and type of organization providing education and training |
|
EggTelsa Électricité Téléphone S.A, Geneva, Switzerland & CEPIA (Professional school)
Electrician Apprenticeship
|
| • Principal subjects/occupationalskills covered |
|
Electrical installation & maintenance.
Telephone & Alarm systems installation & maintenance
|
| • Title of qualification awarded |
|
Federal Proficiency Certificate of Electrician (Certificat Fédéral de Capacity)
Mention : Good
|
| |
|
|
|
Other professional training
|
|
People leadership & Management by Ashridge (UK)
(ICRC Geneva 2008)
Managing & Maintaining a Microsoft Windows Server 2003 environment (IT TrainingAcademy, Geneva 2005)
Implementing & Supporting Microsoft Windows XP Professional (Global Knowledge, Geneva 2003).
Lotus Notes R5 Domino Server Administration (Digicomp, Geneva 2001)
Linux Suse Network Configuration (www sistemas, Bogota 2001)
Linux Suse Administration (Acis, Bogota 2000)
Administration & Technical Support of Microsoft Windows NT 4, TCP/IP interconnection (Digicomp, Geneva 1999)
English Advanced (Australian College of English, Sydney 1997)
Project Management (ESMT, Dakar 1996)
Effective Presentation Technics (Marchstore Ltd, London 1995)
Training of Trainers (Cegos, Paris 1995)
Local Area Networks (Digicomp, Geneva 1995)
MS-Dos 6.2 (Digicomp, Geneva 1995)
Codan HF Radio Module (Codan UK, Farnham 1995)
Novell Netware 3.1x Administration (Digicomp, Geneva 1995/99)
Novell Netware 3.1x Installation & Configuration (Digicomp, Geneva 1995)
Lotus Notes R3 Administration 1 (Digicomp, Geneva 1995)
Lotus Notes R3 Development 1 (Digicomp, Geneva 1995)
Lotus Notes R3 Basics + Technical User (Digicomp, Geneva 1995)
Computer Security (Digicomp, Geneva 1995)
Windows Ressources (Digicomp, Geneva 1995)
Sales Technics & Customer relationship (CAFI, Lausanne 1991)
Alarm & Security systems (Rochat, Geneva 1990)
MS-Dos 5 (Bernard Marchon, Geneva 1990)
Telepax PABX Systems (Telepax, Geneva 1990)
Hasler Integral 2 PABX system (PTT, Bern 1989)
Ericsson GDX/GFX PABX Systems (PTT, Bern 1989)
Telephone installation 2 (CIS, Geneva 1987)
|
| Personal skills and competences |
| |
|
ENGLISH - SPANISH – PORTUGESE |
| • Reading skills |
|
Excellent – Excellent - Basic |
| • Writing skills |
|
Good - Good - nil |
| • Verbal skills |
|
Good - Good – nil |
|
Social skills and competences
|
|
Team Work: I have the chance of experiencing team working on both national and international level with colleagues of various nationalities.
Intercultural Skills: As working & living on permanent basis abroad since 1993, I have the opportunity to collaborate with international and intercultural teams on daily basis, mostly aimed at the regional management of an international humanitarian organization. |
|
Organizational skills and competences
|
|
Management of technical national & expatriate staff at regional level. (more than 40 employees).
Regional ICT project management (in more than 15 countries) Regional yearly ICT seminar organization & professional courses (about 25 participants) ICT Budget preparation & follow-up. Assets management Head of ICT regional Emergency Response Unit Promotion & auditing institutional ICT policies. |
|
Technical skills and competences
|
|
Competent on electrical, telephone, lighting/grounding & 2-way satellite systems.
Competent on wired & wireless telecommunication, HF/VHF/UHF radio communication & computer networks. Competent on various Microsoft operating systems (Windows NT4, XP Professional, 2003 server). Competent on design, installation, maintenance & troubleshooting of computer systems. Good knowledge of Lotus Notes/Domino R5 workflow environment Good knowledge on MS Office tools, computer security systems. Good knowledge on power supplies (generator, solar & wind power) Some web-building, graphic editing, Linux & MS SQL experience. Some Cisco routing & switches experience. Some competences on various PABX systems |
|
Artistic skills and competences
|
|
Amateur Photographer, Photo-editing, Web-publishing
|
|
Other skills and competences
|
|
|
|
Driving licence(s)
|
|
Swiss & International driver license (light vehicle & motorbike up to 125 cm3)
|
Tags: 1994, 2003, administration, aim, air, arc, art, asia, award, Bangkok, blog, breakdown, capacity, ces, communication, computer, configuration, connection, CTU, customer, design, development, dress, emergency, engine, ericsson, ethernet, europe, fax, geneva, global, human, ia, ict, im, install, International, ITU, King, knowledge, lan, language, lausanne, LED, light, london, Management, microsoft, MIT, mobile, Mobile Communications, moscow, network, nomadcom.net, online, paris, pet, phone, photo, power, project, red cross, resume, resume curriculum cv ICT professional, satellite, sco, security, services, social, swiss, switzerland, telecom, Telecommunications, Thailand, train, troubles, uk, upa, USA, user, web, windows, wireless, www, XP
No Comments »
 The British Department of Trade and Industry has made £4m available for four research projects aimed at reducing the IT risk created by human error.
The program, which is part of its Network Security Innovation Platform, reflects the fact that human error is by far the biggest risk to network security.
It cited the results of a survey it conducted, involving over 1,800 people, on the use of passwords. It found that:
- Just over 30% of users recorded their password or security information by either writing it down or storing it somewhere on their computer.
- About 65% never changed their password
- 20% of people used the same password for non-banking websites as well as their online bank
The projects will use behavioural science in a bid to tackle the human risk element in network security.
Four projects will receive funding under the programme.
- The first is about developing a risk assessment package focused on organisational and human factors.
- The second, named Trust Economics, is aimed at developing a predictive modelling framework that assesses security policies that regulate the interaction between humans and information systems.
- The third is aimed at developing a solution for the analysis of digital communications to identify threats introduced by humans.
- The fourth named CatalysIS, is a tool to improve risk culture and identify human vulnerabilities in network security.
Minister for science and innovation Malcolm Wicks said: "Unfortunately, the weakest link in network security is not usually with the technology, but with the staff and system users. A DTI survey found that a shocking number of people were careless with passwords, unwittingly exposing themselves and their company to fraud and theft.
"Network security is also a major growth area where the UK has a good opportunity to become a global leader if we develop new technology to give us a competitive edge."
This article was originally published at Kablenet
Source: The Register
Tags: 2007, aim, analysis, arc, art, blog, communication, computer, digital, Fun, global, human, ict, ICT Security, identify, im, industry, interaction, internet, Internet News, Internet World, IT risk, King, lan, network, nomadcom.net, online, password, pet, privacy, project, risk, science, search, security, space, study, survey, technology, the register, threat, uk, user, web, website, wp, www, XP
No Comments »
|
Entries (RSS)