Cybersecurity Event 2018
Cybersecurity has become one of the prominent subjects of this technology era, and this is bound to become more important as we increase our activities in the areas of AI, machine learning, the blockchain and DLT, Internet of Things (IoT), Quantum Computing and other prominent technologies. It is therefore essential that we give Cybersecurity the importance it deserves. It affects everyone, from techies right down to the citizen. The eSkills Malta Foundation, in collaboration with various stakeholders, will be organising an event on Cybersecurity. The Event is based on two half days. The first day will feature talks by prominent personalities in the area including Dr Mark Joseph Vella from the University of Malta, Mr Keith Cutajar from PwC Malta, Mr Glenn Camilleri from MITA, and Mr Rodrigo Marcos from SECFORCE and OWASP. The second day will include practical Case Studies from the Industry on malware reverse engineering and sophisticated hacking.
Abstracts & Biographies
A Memory-Wise Response to Cyberattacks Cybersecurity threats are nowadays affecting various aspects of critical business processes and personal privacy/safety alike. The increasing trend in having everything connected to the Internet from business information systems to home appliances and industrial control systems; from personal cloud storage to bank accounts and government data; is straining preventive security mechanisms. The setting up of various Security Operations Centres (SOCs) is a direct result of this situation. In turn, SOC staff must work closely with Computer Security Incident Response Teams (CSIRTs) to ensure security issues are addressed quickly upon discovery. Ongoing scientific research at the University of Malta – the CyberForensics project – leverages the core idea that in-memory artefacts cannot be avoided by cyber attacks. This approach promises more effective digital investigation tools for incident responders during evidence collection/analysis, as well as recovery stages. It has so far been explored within the contexts of intrusion detection; cloud and mobile device digital investigation; malware and vulnerability analysis; and adaptive access control for Bring-Your-Own-Device deployments. So far all research has been mainly the undertaking of undergraduate and postgraduate students, under the supervision of academics at the faculty of ICT. The main findings have been presented internationally at peer-reviewed conferences. At this stage we strongly believe that industry/government collaboration can be of mutual benefit, leading to joint grant applications and gaining access to the experience brought in by practitioners and career researchers alike.
Dr. Mark Vella is an information security lecturer and researcher, and currently holds the position of Senior Lecturer at the University of Malta. After spending many years participating and leading the development of enterprise application and integration projects, he moved back to academia. Motivated by the complexities and limitations of access control mechanisms, he pursued a research doctorate in the area of computer systems security at the University of Strathclyde (UK). His initial research on developing intrusion detection techniques inspired by the workings of the human immune system has today found a home and immediate application within the context of using memory forensics for incident response. At university, he lectures and advises undergraduate and postgraduate students on cryptography and security-related topics, as well as more generic computer systems ones. Research findings emerging from his efforts, along with those of his students, have been presented internationally at peer-reviewed conferences. Malware Analysis – The return of investment behind reverse engineering Malware is considered one of the leading cyber threats by leading industry experts. We hear about spyware, ransomware, Trojan-worm attacks on a daily basis, with the nature and flavour of the attacks constantly improving and differentiating themselves. But what are cyber-security professionals doing in this regard? By having up-to-date anti-malware protection, users trained, internal documentation in place and regular security testing undertaken, will that prevent you from being a malware victim in the future? Digital Forensics technology evolutions, in relation to malware reverse engineering, has provided us with a number of toolkits and knowledge in how to disassemble malware so as to understand its characteristics, understand the techniques used and gather information pertaining to its creator. IT professionals use such findings to block malicious command-and-control centres as well as to contain propagation. This session will take the attendees through a typical case-scenario of a malware attack and will highlight techniques used and value the findings of such an exercise.
Keith is a Cyber-Security specialist, focusing in the fields of Cybercrime, Digital Forensics and Cyber-Terrorism. He has worked on a variety of IT projects over the years, while employed, and as a consultant in his personal capacity. He is currently a Manager in the Advisory Line of Service at PwC in Malta focused on developing and aligning cybersecurity services to help clients keep pace with the challenges and new realities that the connected, mobile world brings with it. Keith has read for a BSc (Hons) in IT at the University of Malta and an MSc in Information Security at the Royal Holloway College(University of London), with the dissertation obtaining a distinction grade. He is also a registered Court Expert at the Courts of Law in Malta, having worked on some of the major national white-collar, cybercrime, cyber-terrorism and also organized crime investigations.
Introduction to Post Quantum Cryptography
Until lately, quantum computing was often seen as a capability that might arise in the distant future, or that it belongs to science fiction. The concepts have baffled scientists for decades and are quite difficult to reconcile. However, several experiments and observations have supported the quantum theory and its fundamental principles. Quantum computing has become a reality, with major innovations. The presentation we will go through an introduction to quantum computing, it’s a threat to current cryptographic algorithms and how to mitigate them.
Glenn is an Information Security Consultant at the Malta Information Technology Agency, where currently is involved in the implementation of several security tools to strengthen MITA security posture and also providing consultancy from a security perspective. Glenn has worked for more than a decade in the private sector mainly in the telecommunications industry specializing in the information technology and telecommunication field. Glenn has read an MSc in Information technology and Management at Sheffield Hallam University.
Taking Security, a step further: Red Team Operations
Security assurance is traditionally seen as performing penetration testing assessments. In recent years, due to the sophistication of attacks and the evolution of the security threat landscape, it has been shown that the traditional penetration testing would not provide the level of resilience that mature organisations require. Red Team operations recreate the scenario of a sophisticated hacking group targeting an organisation. In summary: hacking like in the movies! Rodrigo caught the hacking bug when he was 14 years old after he hacked into his dad’s computer. After discovering his passion for white-hat hacking he started his career in the offensive security industry, eventually founding SECFORCE where he is currently CEO. SECFORCE provides IT security and penetration testing services to some of the biggest brands and government organisations in the world. During his career, Rodrigo has seen an increasing demand for security services from companies which seek to safeguard their IT assets against Internet-borne attacks. With a wide knowledge of the offensive security arena and with a vast experience in online services, Rodrigo has an unparalleled understanding of current and future cyber-threats. Having published a number of books, articles and tools in the topic of penetration testing and IT security, Rodrigo is a sought-after speaker who has participated in conferences and seminars all around the world.
To register, click here https://forms.gle/TjwXkC5uH4McoEYE7