CSSA2020

CSSA WEBINAR SERIES
19 - 23 OCTOBER 2020

THEME

Cybersecurity in the times of remote working and COVID-19

The first Cyber Security Symposium Africa webinar series successfully took place 19-23 October 2020. The event, which was moved online due to COVID-19 and many individuals working remotely, focussed on Cybersecurity in the times of remote working and COVID-19.

2020 has seen a significant increase in cyber-attacks particularly targeted at remote working. Furthermore, cybercriminals are also exploiting COVID-19 by creating a range of phishing attacks to get people to share their log in details. There has also been an increase in fake news being spread and spoof websites being created aimed at getting people to take action.

THE AIM OF THE SERIES

The aim of the webinar series was to highlight:

PROGRAMME

The series entailed one-hour information sessions where speakers from various sectors highlighted how they are managing their cybersecurity strategies during this time and provided insights on tips that attendees can adapt in their own workplace.

 

Monday, 19 October 2020

11:00-12:00The importance of Information and Cyber Security culture
Ghamza Jacobs -
University of Cape Town
15:00-16:00City Cybersecurity challenges and lessons during COVID 19
Hylton Brand - Risk Management: City of Cape Town

Tuesday, 20 October 2020

09:00-10:00Cyber Security During COVID 19
Erdal Ozkaya - Cybersecurity Professional
11:00-12:00Cybersecurity self & company defence
Craig Rosewarne - MD: Wolfpack Information Risk
15:00-16:00Tools for the implementation of POPIA and protecting DATA
Alan Falck - CIO and Founder: Less Risk

Wednesday, 21 October 2020

11:00-12:00From Russia with love
Peter Allwright - Director: Horizon Forensics (Pty) Ltd
13:00-14:00So, you have some cyber security in place, what now! is your business safe enough?
Jayson O'Reilly - Atvance Intellect
15:00-16:00Social Engineering Attacks, Contemporary Techniques and Defenses
Keith Makan - Security Researcher

Thursday, 22 October 2020

11:00-12:00Cyber Strategy
Steve Kennett - Executive Director: e-infrastructure & Senior Information Risk Owner (SIRO)
15:00-16:00(In)secure remote access
Wicus Ross - Senior Security Researcher
Orange Cyberdefense

Friday, 23 October 2020

11:00-12:00Sandro Bucchianeri - Group Chief Security Officer ABSA

SPEAKERS

Craig Rosewarne

Craig is the MD of Wolfpack Information Risk - a South African firm established in 2011 that specialises in cyber threat intelligence, research, training, awareness and advisory services. A community of 9000+ information and cyber security specialists subscribe to their regular community updates.

We have partnered with senior management teams from all major sectors to understand the opportunities and threats that cyberspace presents. Wolfpack have also been instrumental in driving many strategic cyber security initiatives with stakeholders on the African continent.

Craig was previously an Associate Director of Deloitte's Risk Advisory division. He ran the Deloitte School of Risk Management and was responsible on a national level for learning and innovation for a team of over 400 professionals.

Craig has over 18 years of management experience in the fields of IT & cyber security. He is frequently invited to speak at information security, cybercrime and counter-espionage events. He provides regular opinion pieces via TV, radio and print/online media.

He is proudly South African and an even prouder husband and father to three healthy “cubs”.

MBA, CISSP, CISM, CVE, ISO 27001 Lead Implementer & Auditor, ISO 27035 Lead Incident Response Professional, Certified ISO 27005 Risk, COBIT & ITIL trainer.

Peter Allwright

Director of Horizon Forensics

Peter is a cyber intelligence investigator and open source intelligence expert.

He specialises in investigating high-value customer data breaches and hunting down hackers in hostile jurisdictions to retain the stolen data. He works closely with local and international law enforcement agencies to detain hackers and to support their successful extradition and prosecution.

He has successfully led local and international search and seizure operations of private residences, business premises and internet service providers, in order to retain stolen data and secure evidence that hackers leave behind. He often has to deal with the complexities of foreign jurisdictions and the impact of data protection legislation.

He has wide experience of dealing with crisis management situations and together with specialised professionals takes care of coordinating the key aspects of resolving the crisis and protecting the client’s position at all times.

He has investigated hacking of data centres, data breaches, domain name hijacking, man-in-the-middle attacks, phishing and spear phishing attacks, counterfeit trademarks, copyright violations, prohibited/illegal content, identity theft, malvertising, ransomware, cyberstalking, cyberbullying, online scams, fraudulent invoices/change of bank account scams, sextortion, defamatory blogs, hacking and reprogramming of master slave devices, software piracy, and the distribution of child pornography.

He uses conventional and unconventional techniques to investigate cybercrime. His conventional methods include a proprietary threat intelligence and investigation platform together with custom-built threat hunting workstations and advanced forensic tools to access information that is out of the public domain. His unconventional methods include system thinking tools that analyse the situation to reveal unknown or hidden associations.

He has successfully guided multidisciplinary forensic teams in Africa, the Middle East, Europe and Asia.

Steve Kennett

Steve Kennett served 23 years in the Royal Air Force from 1978 to 2001 as a telecommunications engineer. He specialised in Data communications, Cryptography & Data protection (cyber and Information security). On Leaving the RAF Steve held senior positions at Kingston Communications, Centrica, and Ofcom.

Steve is currently the Executive Director e-infrastructure & Senior Information Risk Owner for Jisc and as such Steve leads the Jisc Technologies directorate, his current role is to work as part of the senior leadership team to provide strategic leadership to the organisation and to directly lead the Jisc Technologies directorate as an integrated part of Jisc so that appropriate, attractive and highly regarded services are provided to the Jisc customer base.

Ensuring that the long-term delivery of technology services meets the evolving needs of the education and research customer base.

Steve is a highly accomplished senior executive, with 20 years’ extensive operational experience operating at C level in a variety of senior roles within several complex organisations. He has a strong Cyber and Information security background with extensive experience of shaping and delivering large scale organisational change including complex cultural and technical strategies. Steve also manages top-level relationships with law enforcement and major security organisations including government security services to provide increased benefit to our members.

Sandro Bucchianeri

Sandro Bucchianeri is an award-winning, globally experienced Technology & Security Executive with
over two decades of experience, with the last 10 years at the executive level (CISO and CSO).

In these positions, he has worked with large multi-national organisations. He has managed globally
dispersed teams and successfully delivered strategic, transformational programmes virtually. Apart
from his Risk & Securities and Legal & Compliance nous, he is an innovator and strategically-minded leader at heart.

Sandro is innately curious and a lifelong learner. As such, he boasts a track record of continuous
learning, including a list of Cybersecurity and Risk Management qualifications, including an MSc in
Information Security.

Sandro is uniquely able to inspire the confidence of both technologists and Business stakeholders
equally, all the while bridging the divide between CIOs and CISOs through his pragmatic approach to
risk management.

As a recognized thought & transformational leader in Security, Sandro is called on as a speaker and
collaborator across the world, and plays an integral role in the World Economic Forum’s Cybersecurity working group and the Payment Card Industry’s (PCI) Board of Advisors.

Dr. Erdal Ozkaya

Dr. Erdal Ozkaya is a leading Cybersecurity Professional with business development, management, and Academic skills who focuses on securing the Cyber Space & sharing his real-life skills as a Security Advisor, Speaker, Lecturer, and Author.

Erdal is known to be passionate about reaching communities, creating cyber aware campaigns, leveraging new and innovative approaches and technologies to holistically address the information security and privacy needs for every person and organization in the world.

He is an award-winning technical expert & speaker: His recent awards are: Global Future Security Leader ,Super Hero CISO (2020) Cyber Security Professional of the year MEA , Hall of Fame by CISO Magazine , Cybersecurity Influencer of the year (2019) ,Microsoft Circle of Excellence Platinum Club (2017), NATO Center of Excellence (2016) Security Professional of the year by MEA Channel Magazine (2015), Professional of the year Sydney (2014) and many speaker of the year awards in conferences. He also holds Global Instructor of the year awards from EC Council & Microsoft. Erdal is also a part-time lecturer at Australian Charles Sturt University

Erdal has co-authored many cybersecurity books as well as security certification course-ware and exams for different vendors.

Erdal's Twitter : https://twitter.com/Erdal_Ozkaya

Keith Makan

Keith Makan is a security consultant with 6+ years of experience in delivering secure assessment of code and applications in various industries spanning companies across the globe.

Keith has consulted at the biggest businesses in software and internet based technologies and remains eager to learn new ways to assess and scrutinize modern applications and environments.

Keith's expertise include Secure Code Review in various languages, Android and Web Application assessment, Network and Infrastructure assessment as well as a growing expertise in Reverse Engineering, Binary Analysis and Social Engineering.

During the span of his career he has published two books in the information security field namely, "The Android Security Cookbook" and "Penetration Testing with the Bash Shell", and is currently pursuing his masters in Computer Science with a focus on Binary Symbolic Execution.

Hylton Brand

Hylton Brand, has over 21 years work experience in government and is currently a Risk Officer at the City of Cape Town.

With a passion for Information Security, he qualified as a CISSP in 2004, graduated with a UCT Computer Forensics diploma in 2009 and obtained Honors degree in 2010.

Specialisations include Information Security awareness, Public education, GRC and Business Continuity.

Noteworthy achievements include spearheading the City’s Cybersecurity Handbook for Cape Town residents and driving information security awareness amongst public servants and officials as part of a 10-year City campaign.

Alan Falck

Alan has more than 35 years’ experience in IT and cybersecurity, both in South Africa and internationally, where he has served as CIO, DPO & Technical Director, Operations Manager and Global Product Manager. He is founder and CEO of LessRisk.biz, a leading provider of cybersecurity services. His expertise includes:

  • Cybersecurity and risk management
  • IT Disaster recovery planning, implementation and restoration testing.
  • Legislative frameworks, Compliance ISO 22301
  • End to End Data Management systems
  • Backup and Disaster recovery infrastructure, Network Attached Storage (NAS) and Storage Area Networks (SAN)
  • IP networks, embedded devices & IOT
  • Technical Project management
  • Training and mentorship

Jayson O'Reilly

Jayson is a CYBER SECURITY expert with extensive global and local experience in implementing effective cyber resilience strategies.

His core knowledge spans across enterprise business development and people management, securing organisations against insider threats, external cyber criminals and resolving organisational challenges relating to CYBER SECURITY.

Wicus Ross

Wicus is Senior Security Researcher at Orange Cyberdefense Security Research Centre.

He is tasked with investigating industry events and trends, with the single purpose of understanding how these may affect business.

Wicus uses his understanding and knowledge to advise customers and threat detection/hunting teams on the appropriate response given the threat or trend.

SPONSORS

We would like to thank Atvance Intellect for coming on board as a sponsor of the CSSA 2020 webinar series