NYC Lecture Series:
Ivan Durbak Discusses Computer Security

On April 20th, 2004, the New York City Chapter of the Ukrainian Engineers' Society of America presented a lecture by Ivan Durbak, Chief Information Officer at SUNY Downstate Medical Center in Brooklyn, on "Computer Security: Protecting the Integrity, Availability, and Confidentiality of Computer Systems, Both at Home and at the Office".

Mr. Durbak provided a broad overview of all aspects of computer security, at various levels across organizations and on the home front. He addressed key questions such as: What is security? Can open access and privacy and security co-exist on the internet? Who polices the internet? How to deal with computer viruses and "spam-rage"?

Mr. Durbak began from a national perspective, describing the major federal legislative initiatives: Gramm-Leach-Bliley Financial Modernization Act (1999), Health Insurance Portability & Accountability (HIPAA) Act, USA Patriot Act (2001), Sarbanes-Oxley Act (2003), and the recent CAN-SPAM Act (2004).

He then detailed the typical computer security actions by modern organizations: risk assessment, designation of a chief security officer, physical controls, environmental controls, access controls / password management, audit logs, transmission / network controls, encryption, disaster recovery & business continuity, incident response plan & drill, policies & procedures, and awareness, education, & training.

Mr. Durbak next described current e-mail problems, for both large organizations and the individual consumer, and described ways to deal with "spam". He then discussed computer viruses, which are small files that attach to e-mails or downloads and infect the user's computer.

Mr. Durbak reviewed in depth the "hacking" problem and described in detail hackers as "the underbelly of the internet: people who randomly scan the internet to find openings so they can go in and snoop around, and once in your machine, they have as much access to it as you do, including your online banking, personal data, family data".

Mr. Durbak, who has conducted considerable research on the world-wide hacker community, described their profiles, their habits, their culture, and their hacker conferences, and explained how hackers use commonly-available software in a typical hacker attack: first they reconnoiter the organization's perimeter, then scan servers & ports & services, identify vulnerabilities, plan the attack, execute the attack, secure back-door access, and finally eliminate all traces & evidence.

He identified the top 12 defense actions to take, at both the corporate and individual PC level, to protect against virus/worm attacks. Mr. Durbak also described spyware and adware, and how to deal with both.

Finally, Mr. Durbak provided tips and hands-on advice, listing the eight items required to ensure computer security: physical controls, access controls (passwords), anti-virus software, patch management, firewalls, IDS (intrusion detection), security awareness, and common sense.

Throughout the presentation Mr. Durbak kept the audience engaged and involved with a balance of technical material and practical real-world problems.

The evening finished with informal and convivial discussions over food and drinks.

This was the fourth in a series of engineering & scientific lectures presented by the Ukrainian Engineers' Society of NYC during the 2003/2004 year. The lecture counted towards NYS continuing education credit for licensed professional engineers.
