Security Information and Event Management (SIEM) demonstrates the pivotal role of a security professional in identifying, analyzing, and reporting security events by collecting, monitoring, processing, and managing logs. SIEM processes various types of logs from endpoints, networks, and users. Besides, manipulating big data distributed over a cluster using functional concepts is widespread in industry, and is arguably one of the first widespread industrial uses of functional ideas. This is evidenced by the popularity of big data technologies such as the ELK Stack. In this workshop, log collection tools along with big-data analytics tools will be used to collect and analyze different logs such as firewall, System Monitor (Sysmon), PowerShell, Beats, etc. In addition, QRadar and ELK will be used to practically explain, exhibit, and apply theoretical concepts of network security and event management. The participants will also gain experience with open-source threat intelligence tools such as MISP.
Ida Siahaan has been a Research Associate at the Canadian Institute for Cybersecurity (CIC, Canada) since January 2019. Ida Siahaan has a Doctorate in Computer Science from the University of Trento (Italy), a master’s in Computational Logic from Dresden University of Technology (Germany) and a bachelor’s in Informatics Engineering from Bandung Institute of Technology (Indonesia).
Research-wise, she has worked on Automata Modulo Theory (AMT), Operational Technology and Industrial Control System Security, Threat Information Sharing, Language-based Security, Security and Formal Methods, Network Security, Computational Logics, Software Engineering, and Privacy. She has research and professional experience as postdoctoral researcher at Centro Regionale Information Communication Technology (CeRICT, Italy), postdoctoral researcher at Software Research Institute, Athlone Institute of Technology (Ireland), postdoctoral fellow at the University of Calgary (Canada), visiting researcher at Computer Science Department University of Wisconsin - Madison (USA), research assistant at TU Dresden and University of Karlsruhe (Germany), lecturer specialist at Bina Nusantara University (Indonesia), overseeing operational IT and information system development at Surya Research Center (Indonesia).
Throughout her career, Ida Siahaan was involved in European projects namely H2020-ICT-18-2016-RIA-SPECIAL (Scalable Policy-awarE Linked Data arChitecture for prIvacy, trAnsparency and compLiance), H2020-EU.3.7.-IA-PROTECTIVE (Protecting freedom and security of Europe and its citizens), EU-FP7-IP-SECURECHANGE (Security Engineering for lifelong Evolvable Systems), and EU-IST-STREP-S3MS (Security and Services for Mobile Systems). She is also a senior member of professional bodies namely IEEE and ACM.
She has substantial teaching experience from three universities in Indonesia namely Bina Nusantara University, Universitas Multimedia Nusantara, and Surya School of Education. In addition, she has teaching experience at the University of Calgary and University of New Brunswick (Canada), and the University of Trento (Italy).
Kwasi has 10 years of experience in the telecommunications industry. During this time, he was part of teams that successfully rolled out projects with notable companies such as Ericsson and Huawei. Projects included Mobile Money platforms, Mobile Number Portability, and the Ghana government-backed Interconnect Clearing House. In 2014, he became a lecturer at the Ghana Institute of Management and Public Administration. Since 2019, he has been pursuing his PhD in Computer Science, with a focus on Smart Grid Security, at the University of New Brunswick, and he is working as a Research Assistant at the Canadian Institute for Cybersecurity (CIC). He has worked on projects with CIC partners such as IBM and Siemens. His research interests are Trust in Smart Grid, Smart Grid Security, Security in IoT and Fog Computing, and Threat Intelligence Sharing within the Smart Grid.
Since 2017, Kordia’s independent cyber consultancy, Aura Information Security, has conducted an annual survey with IT decision makers in NZ to gain insight into cyber security within their business. This workshop will cover the themes and trends observed over the past five years and our predictions for what’s next on the horizon.
- How has the threat landscape changed or remained the same?
- What old attack formats are being reinvented and developed into new attack methods?
- What is the impact of AI as attackers try to save costs and maximise rewards?
- What new tools are in the arsenal to counter-attack?
- Web 3.0 is coming – how does that change the dial?
|10:30am||Intro by Andrew Hampton, Director General of the Government Communications Security Bureau (GCSB). Presentation to cover the NZ threat landscape, based on GCSB’s recently released annual cyber threat report, and a look at the range of work under way to raise cyber resilience, including GCSB’s cyber defence activity. (20 mins followed by 10 mins Q&A)|
|11am||Five years of NZ cyber security research: presentation of key themes and findings - Hilary Walton, CISO, Kordia Group (30 mins)|
|11:30am||What’s on the horizon? Given what we have observed, what’s our view on the next thing to look out for - Dr Frans Lategan, Principal Security Consultant at Aura Information Security (30 mins)|
|Midday||Q&A with Hilary and Frans|
|12:25pm||Sum up and close|
With a Ph.D. in Computer Science, a Master’s Degree in Mathematics and more than 22 years’ experience in the cyber security industry, Frans has a wealth of experience in both offensive and defensive security.
His key areas of expertise are penetration testing, security consulting, cryptography and source code review. During his career, Frans has assessed systems ranging from small mobile applications to Wi-Fi networks and large corporate networks to ATM security, as well as multiple web applications.
Prior to joining Aura, Frans held senior positions at Amazon Web Services (AWS), Barclays Africa Group Limited and, more recently, SensePost, a leading ethical hacking firm in South Africa.
Frans is a member of Aura’s senior management team and is primarily based in our Auckland offices.