Bringing new concepts to infosec

April 26, 2017

Source: ITWeb


Young professionals with an interest in developing their infosec skills, meeting with like-minded individuals and gaining access to experts in their fields attended phase one of the inaugural #SS17HACK, to be held at ITWeb Security Summit 2017.

The preselection process, Ideathon, took place in Tshwane on 22 April.

The overall theme, "Innovation in Security", challenged disruptive innovators to build the most secure systems possible, as well as explore new innovative mechanisms for the security sector.

The day kicked off early with over 40 aspiring 'hackers' arriving from different parts of Tshwane, Ekurhuleniand the Northern Cape.

Their mandate was to spend time learning from experts on topics such as Twitter intelligence, malware threats, ethical hacking and integrating secure coding into the SDLC.

They were also given the opportunity to mingle with infosec minds such as Manuel Corregedor of Telspace Systems, Nithen Naidoo of Snode, Ivan Burke and Francois Mouton of CSIR, Ashley Anthony of Isazi Consulting, and Grant Thompson of MTN.

They later presented their ideas to this panel.

During the ethical hacking session, presented by the CSIR, students got a snapshot of what happens online in any 60 seconds, as well as the number of data breaches over the same period. Over seven billion data records were lost or stolen since 2013, over four-and-a-half million daily and 52 per second.

These take place across industries but are more prevalent in the retail and financial sectors. Attendees delved into the types of hackers out there, what phases hacking goes through and the questions ethical hackers need to answer.

info|Guardian then provided students with a session on SDLC.

Snode Twitter Intelligence Challenge, the next presentation of the morning, exposed how intelligence gleaned from Twitter has been used to track criminals, prevent potential terrorist attacks and monitor its users.

Snode also revealed some data pertaining to the real agenda behind the recent #feesmustfall campaign.

The students were exposed to the challenges associated with using such data to correctly predict patterns and come up with creative and innovative ways to apply possible solutions.

The malware threat presentation by Telspace Systems drew attention to: what is malware really, are the current anti-malware products working and how they work.

The afternoon was all about innovation, new ideas and concepts, with nine teams represented. Their ideas ranged from social media education to new voting techniques, facial recognition to artificial intelligence, and machine learning, all from a secure foundation.

Only 30 of the over 140 registrants to #SS17HACK will be chosen and will further develop their concept, under the guidance of experts, at the main event on 16 and 17 May.


From ideas to reality


Judges and mentors at the event had this feedback for the up-and-coming infosec professionals:

Ashley Anthony of Isazi Consulting noted: "One of the most important quotes that I think the students should think about based on the presentations that we heard comes from Albert Einstein: If you can't explain it simply, you don't understand it well enough."

ITWeb's Ivan Regasek said: "The participants seemed to grasp the various security concerns presented. The problems addressed were largely on point, and ideas generated ranged from good try to brilliant. I trust the problems tackled will give food for thought to the security community at the event, and am much looking forward to the experienced community guiding the ambitious contestants towards hopefully creating real solutions."

Manuel Corregedor of Telspace Systems said: "It was really great to meet students with different backgrounds and skill sets in IT. There were some really great ideas and it was good to see some attendees proposing solutions that could be used to better protect the end-user, through the use of technologies such as browser extensions, blockchains, artificial intelligence, mobile applications and biometrics. I am really looking forward to the hackathon, where we will see these ideas come to life and possibly change the world."


Security Summit 2017 announces its first Hackathon

February 23, 2017

Source: ITWeb   ITWeb Events, ICT skills development company Geekulcha and cyber security start-up Snode are bringing the first ever hackathon to the ITWeb Security Summit 2017. #SS17HACK is now open for registration and is looking for young, talented individuals who want to develop their skills through learning and innovation, and who have a passion for information security. According to Allyson Towle, conference director from ITWeb, the hackathon is challenging disruptive innovators to build the most secure systems possible, and will also be used to explore new innovative mechanisms for the security sector.   Skills development Tiyani Nghonyama, COO of Geekulcha, says: "As far as Security Summit 2017 is concerned, Geekulcha is highly anticipating a skills development drive through the hackathon especially for intermediate developers. We want to instill a culture of consciousness in information security from both the developers and consumers/users of digital solutions." According to him, the hackathon presents the perfect opportunity to discover new talent and valuable skills capacity for various organisations. "We want to send a strong message that there is a need to invest in the collaborative economy and peer-learning platforms such as hackathons." With this in mind, various organisations have been invited to scout talent for work and collaborative opportunities at this event. Nghonyama says the hackathon is hosted against the backdrop of a need to grow skills capacity in cyber security in the country. "We believe building the momentum and equipping fresh talent with critical knowledge, and being exposed to over 500 experts in the ITWeb Security Summit, is a first step towards winning the war as intended." He says it is a collective responsibility to insure innovation capacity continues to grow but grow safely and securely. "We have outlined three key sectors, namely finance, retail and public sector, that need critical defence, and we aim to build 'digital troops' through the hackathon." There will only be 30 spots available, and those wishing to apply need to choose from a number of themes, or suggest their own idea during the registration process. As part of the event, an 'ideathon' will be held on 22 April 2017 where the various stakeholders will make their final selection.   'Must be solved' ideas The mentors and judges have selected a few 'must be solved' ideas: Financial Sector An Artificial Intelligence (AI) and cognitive fraud detection system. Propose a model and system architecture for cheaply but safely distributing pension pay-outs to people in rural areas. Design and develop an OTP system for Internet Banking that doesn't require the use of a mobile phone. Public Sector Twitter intelligence solution. Blockchain voting system. Retail IOT cashless no-point of sale solution. Other Design and develop a system that will note whether your mobile phone is in the vicinity when you log onto your computer and deny access if it isn't.   Judging and prizes Judging for the hackathon will take place around 3pm on 17 May 2017, and the winners will be announced to the audience at around 5pm. The judges and mentors for the event include Dino Covotsos from Telspace Systems, Dr Jabu Mtsweni from the CSIR, Marc Silver from Discovery Health, Grant Thompson from MTN, Ivan Regasek from ITWeb, and Yugan Reddy from InfoGuardian. There will be a first prize of R20k, a second price of R10k and third prize of R5k. In addition, entrants stand a chance of being a recipient of one of a number of internships on offer by reputable organisations.


Maths deployed as cybercrime 'street fighter'

May 17, 2017

Source: ITWeb   By deploying mathematical algorithms in the fight against cybercrime, organisations stand to gain the 'street fighters' of cyber defence in their arsenal. This is according to Snode chief technology officer and founder Nithen Naidoo, who told delegates at the ITWeb Security Summit 2017 that algorithms already in use in other sectors stood to significantly improve cyber defence. "Maths is fast, doesn't lie and makes no assumptions. By using advanced algorithms, we are able to introduce intelligence amplification - rather than artificial intelligence - to the fight against cyber crime." He says these algorithms will help organisations catch over 80% of attack attempts, whereas artificial intelligence (AI) catches only around 30 - 40%. "We took statistical analytics from other spheres and applied it to cyber security. I don't know why we haven't used it before, but now it's here."   "Maths is fast, doesn't lie and makes no assumptions."   Naidoo said machine learning and mathematical algorithms combined could be harnessed to constantly monitor user behaviour and seek anomalies across any data, as well as patterns that are precursors to events.