No-man's land is an area of land that is not owned or controlled by anyone. It is often under dispute among parties. Cyberbiosecurity is a good example of a no-man's land, as very few organizations have employees and security teams that understand, prevent, detect, and mitigate security vulnerabilities at the interface of the life sciences, synthetic biology, biomanufacturing, laboratory instrumentation, patient-focused systems, biosecurity, robotics, machine learning, artificial intelligence, information systems, information security and cybersecurity. Current threats are usually governed in silos.
Security at the intersection of disciplines is always difficult, as actors within each single sector speak a different language and have different priorities, so they are less likely to cooperate.
The solution is often called automation. It includes automated systems and technical solutions. Unfortunately this is leading to a false sense of security, as adversaries will attack the persons having authorized access, not the systems, for destruction, misuse, or exploitation of valuable information.
Gene editing tools and systems that analyze DNA and store genetic information come with a whole new category of vulnerabilities and risks. Adversaries may try to have unauthorized access. They may also try to use social engineering and other techniques to influence the persons that have authorized access. Cyberbiosecurity is impossible without cyberbiosecurity training.
Cyberbiosecurity incidents became more prevalent after the Covid-19 challenges. The entities working on Covid-19 vaccine development, modelling, and testing, were frequently attacked. The Covid-19 pandemic has increased the value of digitized biodata and the cyberbiosecurity incidents.
Increasing digitisation, the use of big data, and the ever-increasing quantity of data that connected devices are sharing, can significantly improve efficiency, but will also result in increased exposure to new emerging threats.
All stakeholders and all supporting organisations that span the length of the supply chain, must understand the risks, and must have tailored cyberbiosecurity training.
It is not possible to determine the current number of cyberbiosecurity incidents, even the most serious ones, due to the lack of detection capability, systems, and processes for reporting.
The field of cyberbiosecurity is new, but we can leverage extensive knowledge and applications from other similar fields, to understand relevant threats, vulnerabilities, and consequences from a cyberbiosecurity perspective.
Our training programs have the objective to help managers and employees not only understand the cybersecurity threats, but also their responsibility towards protecting the assets they handle. We explain to them how to proactively apply good cyber security practices, how to identify threats and attacks, and what to do to protect themselves and their organizations. Cybersecurity is a shared responsibility.
The program is beneficial to managers and employees having access to sensitive and classified information within the biotechnology community, biopharmaceutical entities, biomanufacturing, cyber-enabled laboratory instrumentation and patient-focused systems.
One hour to one day, depending on the needs, the content of the program and the case studies. We always tailor the program to the needs of each client.
Our instructors are working professionals that have the necessary knowledge and experience in the fields in which they teach. They can lead full-time, part-time, and short-form programs that are tailored to your needs. You will always know up front who the instructor of the training program will be.
Christina Lekati, psychologist, social engineering expert, can be your trainer. To learn about her you may visit: https://www.cyber-risk-gmbh.com/About_Christina_Lekati.html
Modules of our tailor-made training
- Understanding the value of our assets for competitors and for foreign intelligence agencies.
- Understanding the challenges and the threat landscape.
- Intellectual property and proprietary information losses associated with digitized information.
- Who is the adversary: From actors with targeted intent of theft or destruction, to hacktivists and disruptors. Countries, competitors, criminal organizations, small groups, individuals, insiders, service providers.
- Understanding hacktivists.
- Understanding the modus operandi of professional criminals and information warriors.
- Highly pathogenic species of bacteria, viruses, fungi and biological toxins as biological weapons used against people or agriculture.
- Knowledge is a weapon: Genetic engineering and biotechnology can modify biological agents by enhancing virulence, increasing stability and resistance, and lowering detection.
- Biological terrorism and biological warfare.
- Pathogens and toxins as bioterrorism and biowarfare agents.
- Chemical, biological and radiological weapons as low-cost, high-impact options for achieving objectives.
- Business intelligence and counterintelligence principles.
1. What is social engineering.
2. Why social engineering is a primary attack vector – and why it is likely you will encounter it, too.
3. How does social engineering work?
4. What do attackers prey upon?
5. The numbers game vs. highly tailored and targeted attacks.
The Social Engineering Kill-chain.
1. Reconnaissance: The research phase used to identify and select targets.
2. Targeting: Who is the most vulnerable person to attack? What is the biggest vulnerability of the target?
3. Pretexting: The attacker’s cover story.
4. Establishing trust with the target.
5. Manipulating, exploiting, and victimizing.
6. Case studies.
Open Source Intelligence (OSINT) Collection and Analysis
• Intelligence collection from public sources of information (articles, conferences, interviews and more).
• Intelligence collection from personal social media accounts.
• Personal analysis of vulnerabilities based on the OSINT collection.
• Determination of possible attack vectors.
• Weaponized psychology used in attacks.
• The psychology of a target during an overt or covert approach.
• Tailored advice and best practice recommendations.
• Personal operational security (OPSEC) recommendations.
• Case studies.
- The online analogue of personal hygiene.
- Personal devices.
- Untrusted storage devices.
Methods used by foreign intelligence services to obtain information.
1. Elicitation: An effort in which a seemingly normal conversation is contrived to extract information about individuals, their work, and their colleagues.
2. Eavesdropping: Gathering information by listening in on private conversations.
3. Bag Operations: Efforts to steal, photograph, or photocopy documents, devices, laptops. This could occur in hotel rooms, in an airport, in a conference room, or in any other situation where the opportunity presents itself and your materials are vulnerable.
4. Electronic Interception: Use of devices to electronically monitor an individual’s use of modern telecommunications.
5. Technical Eavesdropping: Use of audio and visual devices, usually concealed in hotel rooms, restaurants, offices, cars, airplanes.
6. Sexspionage: Agents that use the art of seduction as a first step for a blackmail or bribery operation.
The NIST Framework for Improving Critical Infrastructure Cybersecurity
1) Describing their current cybersecurity posture;
2) Describing the target state for cybersecurity;
3) Identifying and prioritizing areas for improvement within the context of a continuous and repeatable process;
4) Assessing progress toward the target state;
5) Communicating among internal and external stakeholders about cybersecurity risk.
The Framework Core and the Framework Implementation Tiers.
The Functions (Identify, Protect, Detect, Respond, and Recover).
Case studies (suitable for the client).
- What has happened?
- Why has it happened?
- Which were the consequences?
- How could it be avoided?
Closing remarks and questions.
Cyber Risk GmbH
Tel: +41 79 505 89 60
We process and store data in compliance with both, the Swiss Federal Act on Data Protection (FADP) and the EU General Data Protection Regulation (GDPR). The service provider is Hostpoint. The servers are located in the Interxion data center in Zürich, the data is saved exclusively in Switzerland, and the support, development and administration activities are also based entirely in Switzerland.
Understanding Cybersecurity in the European Union.