Connect with us

Events

Day One of the Global Cybersecurity Forum Underlines the Importance of Collective Action for a Safer Cyberspace

Published

on

More than 60 of the best cybersecurity minds addressed thousands of attendees from more than 100 countries during the first day of the 2022 Edition of the Global Cybersecurity Forum (GCF). The international Forum, founded by Saudi Arabia’s National Cybersecurity Authority, opened with a welcome address from H.R.H Prince Faisal bin Bandar bin Abdulaziz, Governor of Riyadh Province, who called for global collaboration to counter threats.

Under the event theme, Rethinking the Global Cyber Order, the Forum covered the full spectrum of issues including, resilience in the energy supply chain, child protection online, countering cyber conflict, women in cybersecurity, and tackling cybercrime, with perspectives sought from the government, private sector, NGOs, policymakers, and industry specialists.

Dr. Mary Aiken, a leading expert in Cyberpsychology, praised the inclusion of child protection online in the Forum’s program, noting that it was an important topic in the discussion of cybersecurity: “The internet was created on the principle that all users are equal.  This is not true.  Some users are more vulnerable than others, and children are particularly vulnerable”. Sanjay Wijeskera, Director Programme Group, UNICEF also noted: “A digital space that’s safe for children is safe for everyone.”

There were also predictions about the future, with cyber advances likely to dramatically change the world. The world-renowned author, scientist, and futurist Dr. Michio Kaku said that Silicon Valley “could become the next rust belt as quantum computers begin to take over”, urging the world to “prepare for the quantum era”.

Speaking about the cybersecurity threats posed to the energy supply chain, Amin H. Nasser, President and CEO, Aramco said: “the danger for us is very clear, present and constant” and called for increased cooperation across borders, industries, and the public, and private sectors to ensure resilience.

Also featured in the day’s line up was H.R.H Abdulaziz bin Salman Al Saud, Saudi Minister of Energy, Dr. Craig Wright, Chief Scientist at nChain and Jeremy Jurgens, Managing Director, World Economic Forum. Day two of the Forum will continue on 10th November, hosting diverse program of sessions, including Ian Goldin, Professor of Globalization and Development Oxford University, Former Vice President and Head of Policy, World Bank. Those not able to attend the event in person are able to join via live stream on the Global Cybersecurity Forum YouTube channel.

Cyber Security

Dragos Participates in Global Security Forum in Riyadh

Published

on

Dragos, Inc. announced that it participated in the Global Cybersecurity Forum, held in Riyadh recently. The two-day event attracted cybersecurity experts and leaders from all over the world. Ben Miller, who represented Dragos as its Vice President of Services, spoke on the concluding day of the forum, about the threat of supply chain and third-party attacks. In his session, titled, “Pervasive and Insecure,” he discussed supply chain risk in critical infrastructure, examining the complex reality of third-party and supply chain attacks and sharing perspectives on the unseen vulnerabilities and how to address them.

Miller highlighted the complex nature of supply chain attacks, which potentially contain widespread vulnerabilities in the OT and industrial control systems (ICS). He outlined Dragos’ specific focus on the Kingdom’s supply chain risk in critical infrastructure including refineries and water treatment plants, as “Energy and water are specific focuses of ours in the region as they are critical not just to the economy but also to every person who lives here,” he said.

Giving an outline of the Dragos plan to help organizations detect and respond to the threat challenges posed to critical infrastructure in Saudi Arabia, he said, “We need to focus on educating the workforce, building a new understanding of how OT is different from IT, and gaining visibility and insights into what is happening in our critical infrastructure.” OT cybersecurity is in many ways a new field, he said.

“We need to communicate the needs of OT security as right now the concern exists but the specific needs aren’t well understood by asset owners. They do understand that digital transformation is happening and they need to secure it. I would focus on this business case and speak to the need for OT-specific monitoring, defensible architectures, and OT-specific incident response plans,” the Dragos official said.

Miller said supply chain attacks in critical infrastructure are complex with many suppliers, vendors, integrators, and long lifecycles that measure in decades. Commenting on the need to build industrial cyber resilience to keep such threats in check, he said: “The first challenge in the OT space is gaining visibility into what assets one has. You can’t defend something if you don’t know it exists.”

When it comes to safeguarding cyberspace, he had a few words of advice for Saudi Arabia, “The Kingdom should realize the potential challenges as early as possible. Commending the country’s efforts in cybersecurity. Over the last few years, Saudi Arabia has focused heavily on cybersecurity by investing in key programs and events such as the Global Cybersecurity Forum. The Kingdom of Saudi Arabia has impressed many by taking one of the world’s leading positions in developing and maintaining a cyber ecosystem. Therefore, the Kingdom now has a vantage point to bridge global cyber divides and ensure that cybersecurity benefits all societies in the region.”

A global expert in industrial cybersecurity himself, Miller joined other renowned thought leaders in the field, including Dr. Albert Antwi-Boasiako, Directory-General of the Cyber Security Authority, Ghana; Mary O’Brien, General Manager, IBM Security; Lothar Renner from Cisco Security; and Dr. Victoria Coates, Former Senior Advisor to the US Secretary of Energy.

Continue Reading

Events

Arab International Cybersecurity Summit to be Held in Bahrain on December 6, 2022

Published

on

The organisers of the Arab International Cybersecurity Summit (AICS) have announced that the event will be held from December 6 to December 8 at Exhibition World Bahrain. Co-hosted by the National Cyber Security Centre and held under the patronage of His Royal Highness Prince Salman bin Hamad Al Khalifa, Crown Prince, Deputy Supreme Commander, and Prime Minister of the Kingdom of Bahrain, AICS represents the region’s highest level of engagement, bringing together experts from government, industry, and business verticals including BFSI, oil and gas, energy, utilities, IT and telecommunications, manufacturing, education, and more.

The Summit’s three-day Cyber Leaders Forum, which has attracted decision-makers from across Europe, the USA, the UK, Asia, the Baltics, and the Middle East, will look to reframe the region’s Cyber Security Leadership landscape with His Excellency Dr Mohamed Al Kuwaiti, Managing Director of the National Data Centre under the UAE’s Supreme Council for National Security, expected to call for supercharged collaboration in his regional keynote address.

“With the cost of cybersecurity incidents in the Middle East reaching a new high of $6.93 million per data breach — significantly higher than the global average cost of $4.24 million per incident – it’s time to question whether we move the action dial from defence to offence,” he said.  “With cooperation at the heart of the ACIS theme, we need to explore the best practice and importance of working together as a regional team to develop strategies to quickly evolve our security space to address the pressing concerns of today and for years to come.”

With the guidance and expertise of Dr Jassim Haji, President of the AI Society, delegates will also explore whether the increasing adoption of Artificial Intelligence is fuelling cybersecurity breaches. “With almost all aspects of the industry now utilising the power of AI, there is a pressing need and demand for AI-driven tools to combat AI-driven attacks. This conference will help us better understand the aspects of AI and machine learning, which could be hijacked for the cyber-attacks of the future,” he explained.

The Forum will also look to explore how to change industry attitudes towards cybersecurity. Roshdi Osman, Cybersecurity Strategist of Saudi Aramco, will help delegates scrutinise the rationale for establishing a business enabler risk-based cybersecurity programme. “Nowadays, there are more devices than humans and hackers are getting more creative, making it difficult to implement efficient cybersecurity measures,” he said.

And as the Arab World increasingly regulates personal data use, the Forum will drill down into the role of regulations in safeguarding data, privacy, and security with the help of Karolina Mojzesowicz, Deputy Head of Unit Data Protection, European Commission. “With all services moving to the cloud, it is the role of regulations to ensure that citizens’ data is safe and secure, and regulators must always be mindful while drafting laws that they need to focus on ensuring data processing is lawful, fair, and transparent to the data subject,” she said.

The dilemma of talent gaps in the cybersecurity sector will also come under the Forum’s microscope with Dr. Viktor Polic, Chief Information Security Officer of the International Labour Organisation, looking to guide leaders along the pathway to talent development and upskilling. “The current cybersecurity skill and capability gaps constitute a systemic vulnerability in the world’s cyber resiliency. To solve this and create a robust digital economy system, it will be essential to create an inclusive cybersecurity workforce,” he said.

The Forum will also feature virtual sessions from headline speakers Steve Wozniak, the co-founder of Apple, and Marc Randolph, co-founder and former CEO of Netflix. Complemented by a Block Stage platform to probe technical aspects of specific topics, Room 42 will host specific executive and technical sessions through table-top exercises, simulation games and live demos, including the use of a Velociraptor, an advanced digital forensic and incident response tool that can perform targeted gathering of digital forensic evidence, to triage hosts on a network.

The Hack Arena activation zone will be running a ‘Capture the Flag’ team competition on ethical hacking and cyber awareness. Consisting of 125 multi-disciplinary cybersecurity challenges, the competition is designed to test the users’ capability across the entire spectrum of cybersecurity skills. There will be a prize for the winning team, and all participants will be awarded a certificate of attendance and a personalised breakdown of their progress and achievements.

Trying to drive the importance of good internet habits, there will also be a cyber hackathon for university students, and a cyber scavenger hunt for high school students. The summit is set to host some of the industry’s leading industry players, such as Forcepoint, Kaspersky, Axonious, Veritas, CISCO ACME, Beyon Cyber, stc, ReSecurity, Waterfall, NGN International, Interpol, Micro Focus, and more. AICS is jointly organised by Messe Frankfurt Middle East and Bahraini event specialists Faalyat WLL and enjoys the support of Bahrain’s Ministry of Interior, the Bahrain Economic Development Board, and the Central Bank of Bahrain. The event is sponsored by Benefit, Waterfall, NGN International and STC.

Continue Reading

Black Hat MEA

Cybersecurity Experts Warn “Everything is Vulnerable” to Hackers

Published

on

As the world becomes increasingly reliant on the Internet of Things (IoT) and digital services, so too must step be taken to minimize the vulnerabilities that allow hackers to take advantage, visitors to day two of Black Hat MEA were told. The world is rapidly shifting towards a digital future as everything from banking to health services, agriculture and vehicles become more reliant on the Cloud and other IoT services. This brings a variety of benefits including convenience, flexibility, and ease of use. However, this also provides cybercriminals with far more vulnerabilities they can exploit to steal sensitive data, commit fraud, and more.

The second day of Black Hat MEA took the attendance since the start of the event to 20,000 and saw experts highlight threats while providing solutions that can be implemented to protect organizations and individuals from harm. Dr. Alissa ‘Dr. Jay’ Abdullah, Deputy Chief Security Officer at Mastercard highlighted the key areas of risk during a session related to mitigating cyber risks, focusing on technology, tactics, and talent. She mentioned, “Evolution is key, and we need to keep up with the pace of technology and evolve our infrastructure.” She also noted key tactics used by adversaries such as MFA (Multi-factor authentication) fatigue and the mimicking of user voice patterns, while highlighting the importance of upscaling talent, to build a more robust organization.

Caleb Sima, Chief Security Officer, Robinhood, hosted a session titled ‘Assume Breach’, with a key focus on a company’s crown jewels and how to protect them from hacking threats. “Crown jewels are anything that an attacker can take with them, including customer or employee data, tokens, and keys or even systems to modify financial transactions without repercussions.” He highlighted that much like our physical health; safety hygiene is key for any company.

During a panel discussion focused on the global laws related to the regulation, collection, use, retention, and disposal of personal information, Zaki Abbas, Chief Information Security Officer, Brookfield Asset Management said: “While it’s not exciting, data regulations play an important part and helps security programs mature. 70 percent of the world has some sort of data security regulation or legislation implemented.” Vikas Yadav, Chief Security Officer, Nyka, continued: “On a global scale a unified framework for compliance and fundamentals of privacy is the key to data protection. However, it should be implemented with customer trust at the heart of it all.” The panel also included Flavio Aggio, and Jon Staniforth, the Chief Information Security Officers of the World Health Organization (WHO) and Royal Mail respectively, and was moderated by Jaya Baloo, Chief Information Security Officer of Avast.

Taking a unique spin on things, Chris Roberts, Chief Information Security Officer, Boom Supersonic, showcased how connected livestock management and tracking platforms can be hijacked, referring to a previous experiment he had conducted. The session showed how data can be manipulated on platforms that use GPS trackers to show a completely different location, which in this case ‘relocated’ the camels from Riyadh’s deserts to snow-capped regions in Mongolia. “Our digital and physical worlds are colliding, and what you see isn’t always what you get. It is important to have a physical presence and not always depend on the digital,” said Roberts.

During the event, hacking experts showcased vulnerabilities in today’s connected environment where we are surrounded by connected devices including electric cars such as a Tesla. The demonstration showed that is possible to exploit system vulnerabilities where the car’s functions could be controlled remotely including lights, doors, and even the onboard infotainment systems. The three-day conference concludes on 17 November at the Riyadh Front Exhibition Center and features more than 250 exhibitors and over 200 speakers this year. It features international tech giants such as Cisco, IBM, Spire, Infoblox, and others that have a significant presence showcasing new technology and services.

The event was organized as part of a strategic partnership between Informa Markets, the largest events company in the world, and the Saudi Federation for Cybersecurity, Programming and Drones (SAFCSP) to highlight the Kingdom’s investments and growth in cybersecurity and the digital space.

Continue Reading
Advertisement

Follow Us

Trending

Copyright © 2021 Security Review Magazine. Rysha Media LLC. All Rights Reserved.