Ladies and gentlemen,

IT system security issues are of interest not only to institutions such as banks, energy companies and government administration. The problem affects all companies, regardless of their size, on a daily basis, including many of our clients. According to the report entitled "Business protection in digital transformation or 4 steps to a safer company" recently published by PwC Polska, as many as 96% companies experienced over 50 security incidents in the last year. Due to the growing integration of production systems with IT systems, threats also apply to the continuity of production.

According to our experience, the most common (realized) manifestation of cybercriminals' activity among our clients are the effects of ransomware in order to obtain a ransom. We wrote about the spectacular amounts of ransom in an article on our blog. In this context, it is also worth considering attacks on production systems (OT) such as production lines, industrial automation, and warehouses. In this case, you can also expect interest from cybercriminals - they can count on a large ransom for withdrawing from the attack, since in some companies known to us the costs of stopping and restarting production are counted in millions of zlotys.

In order to meet the expectations of our clients and to make them aware of the scale of the threats, we decided to organize a series of 4 workshops during which we will show how and how easy it is to threaten our IT and OT systems. Below you will find the dates and agendas of individual meetings. The meetings will be held at our company's headquarters in Poznań at 22 Ostrobramska Street. The duration of each workshop is 4 hours, and participation is free of charge.

During meetings 1, 2 and 3, please have a computer with a virtual machine with the KALI Linux distribution with you, the installation version of which can be downloaded using of this link.

Workshop 1 - Introduction to Penetration Testing - April 25, 2017

Topics:
- information reconnaissance,
- scanning and enumeration,
- brute force and dictionary attacks on passwords,
- attacks on WLAN networks.

To register for the workshop on April 25, 2017, please use registration form.

Workshop 2 - Penetration Testing and Social Engineering - May 16, 2017

Topics:
- metasploit,
- social engineering toolkit,
- generating backdoors,
- C&C servers.

To register for the workshop on May 16, 2017 please use registration form.

Workshop 3 - Web Application Penetration Testing - May 30, 2017

Topics:
- structure of web applications (languages, frameworks, web servers),
- introduction to SQL,
- vulnerability scanning,
- sql-injection and CSS attacks.

To register for the workshop on May 30, 2017, please use registration form.

Workshop 4 - General Data Protection Regulation (May 4, 2016, Official Journal of the European Union) - moved to July 4, 2017

Topics:
- uniform rules throughout the European Union,
- new obligations of the Data Protection Officer,
- risk analysis - methodologies and examples,
- severe penalties.

To register for the workshop on June 20, 2017 please use registration form.

You're welcome!

On April 6-7, 2017, at the Molo Hotel in Smardzewo on the Sulejowski Reservoir, the event will take place VI Convention of Informatics employed in public administration. The conference is aimed at representatives of public institutions responsible for computerization of their units. During the meeting, there will be a series of presentations devoted to, inter alia, e-services in public administration, medical records management and cloud services.

Our company is a partner of the convention alongside such companies as Microsoft, Samsung, Ever, Kyocera.

On the second day of the convention, Jakub Staśkiewicz, a security consultant in our company, will lead presentation entitled "Data leakage - how not to manage security incidents". During the demonstration, we will discuss in detail one of the cases of vulnerability to cyber threats detected by us in an organization providing services on the Internet.

During the entire convention, we also invite you to our stand, where you will be able to talk and consult related to the broadly understood information security. In addition to services like security audits, KRI audits, security policies and training, we also offer SOC (Security Operations Center) services, i.e. outsourcing of security management services.

Therefore, we invite all our customers and friends to the convention, to our presentation and to our stand. See you later!