CTAG Virtual Workshops 2023/24
The CTAG team holds a number of workshops every year. The topics are diverse and can cover email security, the latest vulnerabilities, the dark web or simply events for networking.
See below for our latest workshop line ups. Click on the links to register or contact us if you have any questions.
zED - baselining your peers and suppliers email
zED, a point product/tool, directly addresses a question that came from the WARPs about how public sector organisations can assess the risks (email hygiene) of their peers and suppliers, amongst recent new features is the checking if a domain meets the NHS DBC1596 secure email standard, as well as proven reporting on SPF, DMARC and the MTA-STS standards.
zED checks TLS and DNS records of any domains you wish to have checked, to ascertain your exposure to risk via email from your peers and suppliers.
14th September 2023 - https://www.eventbrite.co.uk/e/609562306267
22nd November 2023 - https://www.eventbrite.co.uk/e/609585164637
Securing your email domain
This session will be limited to a maximum of six domain names or organisations, however more than one person from each organisation can attend. The purpose of each workshop is to drill down on each domain name, understanding where are on the email security journey that organisation is and help to identify what the next best steps would be. To do this successfully, it is important that the attendee understands the above and is comfortable communicating this on the call to peers.
To assist with the session, the zED scanner will be used to produce a RAG rating for each workshop attendee domain, which will contain the TLS, SPF and DMARC detail (as well as MTA-STS).
5th July 2023 - https://www.eventbrite.co.uk/e/609550962337
6th September 2023 - https://www.eventbrite.co.uk/e/609558996367
7th November 2023 - https://www.eventbrite.co.uk/e/609580661167
7th December 2023 - https://www.eventbrite.co.uk/e/609588384267
10th January 2024 - https://www.eventbrite.co.uk/e/609601232697
9th February 2024 - https://www.eventbrite.co.uk/e/609606979887
5th March 2024 - https://www.eventbrite.co.uk/e/609613399087
This presentation has a heritage, in so much as it predates the active interest in MTA-STS by NCSC and Mail Check by over a year, and covers in a “cookbook” format how to set up MTA-STS and what can go wrong. This popular presentation has been used by many gov.uk organisation on their adoption of the MTA-STS standard.
MTA-STS is a standard already in use by many major email systems including the NCSC as well about an increasing number of councils up and down the country.
9th October 2023 - https://www.eventbrite.co.uk/e/609569718437
12th December 2023 - https://www.eventbrite.co.uk/e/609593068277
12th March 2023 - https://www.eventbrite.co.uk/e/609615726047
Dark Web I – There and back again
This workshop is based on the premise you want to know more about the dark web, or that you may have a need to have a look at what is there, perhaps to check if you can find any stolen data belonging to your organisation perhaps (post ransomware attack).
It deals with some of the many myths that surround the dark web, explores the differences between Deep and Dark webs, as well as what scanners and command-line options are available for searching for data...
It features a live demo around how to get to the Dark web and some safety precautions to take prior to going online to the dark web as well while you are there, as well as looking at some dark web sites and doing some searches...
22nd September 2023 - https://www.eventbrite.co.uk/e/609564823797
Dark Web II – You want it darker
This presentation, including live demos, will look at manual and automated navigation, using .onion URL links, what open source technologies are available, and what works and what does not, it also looks at in some depth the evolving encryption methods used by one of the leading ransomware groups that present as a threat to the broader UK public sector, this session with a very brief look at the lighter side of ransomware groups when they goof up!
Participants will gain a more in depth knowledge to technology that will enable them to navigate the dark web safely.
14th July 2023 - https://www.eventbrite.co.uk/e/609556338417
19th October 2023 - https://www.eventbrite.co.uk/e/609576699317
24th January 2024 - https://www.eventbrite.co.uk/e/609602987947
Dark Web III – Ransomware Group Strategies & Impacts
This presentation will look at a number of the methodologies of ransomware groups, using screenshots and research gathered over the last six months, including a deep dive into one of the major threats to the broader UK public sector and how they interact with their victims. It will also contrast and compare this to other groups and look at the different and evolving methods of ransom demands.
Participants will gain a greater understanding of the operations of ransomware groups and be better able to risk assessment for their organisations the impact of this type of cyber attack.
16th August 2023 - https://www.eventbrite.co.uk/e/609557471807
28th November 2023 - https://www.eventbrite.co.uk/e/609586719287
22nd February 2024 - https://www.eventbrite.co.uk/e/609610711047