Program Overview

Due to the great of online tasks especially due to COVID19 occurence, cyberattacks are increasing. In addition, there is occurence of new types of attacks that couldn't be managed via traditional tools. For this artificial intelligence is a prominent solution to dynamic monitoring of the network.

Houda Chihi is a PhD in telecommunication, senior researcher at Innov'COM Laboratory of Sup'COM Tunisia, Tech women Fellow 2019, senior engineer at Tunisie Telecom. Her research field includes wireless communication, signal processing, vehicular communication, green communication, mobile communication. She is am a member of ISOC chapter Tunisia, member of AUESG , member of NCSG ICANN and reviewer in many IEEE conferences. From childhood, Houda has been passionate about new technologies and working in engineering field. She has a Telecommunication Bachelor degree, pursued her MSC, and then a PhD in Telecommunication field with Honors.

This talk proposes an add-on methodology to significantly increase an organization's cyber resilience posture against advanced adversaries by accounting for the value that these threat actors place on a given asset instead of solely focusing on the asset's value from a business criticality or informational value perspective. This methodology is an overlay to Special Publication NIST 800-160, MITRE Cyber Resiliency Engineering Framework, US CISA High Value Asset definition and tied to the MITRE ATT&CK Framework where possible.

Calin Gheorghiu joined Standard Chartered Bank (SCB) as cyber resilience architect, with the aspiration of laying the foundations & shaping the vision of an industry leading threat informed risk management strategy, in order to prepare against the threats of tomorrow. Calin has 7+ years' experience in IT and cyber security and joined SBC from Broadcom, where he covered a series of tactical & management roles, ranging from solution architecture, incident response & threat intelligence. He also holds the position of Director of the Community of Practice of the ISSA.org Cyber Resilience SIG.

Francesco Chiarini joined Standard Chartered Bank (SBC) as global lead over the cyber resilience capability with the aim to evolve SCB's posture and highlight the key strategic capabilities we need, to sustainably stay ahead of the cyber threat. Francesco has 15+ years' experience in IT and cyber security and joined SBC from PepsiCo where he was in charge of one of the two global Cyber Fusion Centers, leading globally incident response, adversary emulation and cyber resilience. Founder of the Consumer Packaged Goods (CPG) Special Interest Group (SIG) at FIRST.org and of the Poland FIRST.org group. 2021 Volunteer of the year award at ISSA.org, global head of the Cyber Resilience ISSA.org SIG and director for International Cooperation at ISSA Poland. Advisor of the FIRST.org Security Metrics SIG.

To improve the global response to cyber threats, and promote digital trust and security, several international processes are underway, including norms and principles that promote confidence-building measures and enhance cooperation in cyber security. UN-led processes such as the Intergovernmental Expert Group on Cybercrime (IEG), the Ad Hoc Committee for Developing a Comprehensive International Convention on Countering Information and Communication Technology for Criminal Purposes, and the United Nations Open Ended Working Groups (OEWGs), and Governmental Expert Groups (GGEs) are working to advance cybersecurity and establishing a framework to ensure security and stability in cyberspace. Additionally, the AU established a continental framework for Cybersecurity for Africa through the Malabo Convention on Cyber Security and Personal Data Protection and a Digital Policy Framework for Digital ID.

Drawing from the lessons and practices shared at the OEWG, States concluded that the prior existence of national and regional mechanisms and structures, as well as the building of adequate resources and capacities, such as national Computer Emergency Response Teams (CERTs), are essential to ensuring that Confidence Building Measures (CBMs) serve their intended purpose. According to AfricaCERT Record, only 26 countries in Africa have national CERTs.

In addition, CERT teams play a vital role in promoting compliance with cyber norms and implementing the UN's normative frameworks. The purpose of a cyber norm is to promote peace, security, cooperation, confidence, and trust among cyberspace users.

Moderator: Sorene Asefa: Sorene is the Chief Cybersecurity Officer, Executive Director of Cyber Czar, and Consulate Coordinator of the Cybersecurity, Internet Governance and Connected African Girls Initiative of the Digital Centre for Excellence of the United Nations Economic Commission for Africa (UNECA).

Prior to her current position, Sorene held several key roles at the International Telecommunication Union (ITU) Headquarters, including Information Technology System Officer and Technology Analyst. In these roles, she was instrumental in emerging trends, internet governance public policies, and cybersecurity, specifically in implementing critical national mechanisms for preventing and responding to cyber incidents (CERTs). This involved developing toolkits, implementing national frameworks, and providing technical training and capacity building in accordance with ITU's cybersecurity mandate.

Through her research works and professional responsibilities, Sorene continues to support African nations aimed at strengthening their national Cybersecurity postures and harmonizing their efforts with international frameworks by actively participating in global discussions that promote cyber diplomacy. As the founder and Executive Director of Cyber Czar, she has made substantial contributions to encouraging, empowering, and attracting more young African women to enter the field of STEAM and ICT, especially Cybersecurity and Internet governance. She currently serves on the Network of African Women in Cybersecurity (NAWC) steering committee, which empowers women to lead gender-neutral Cybersecurity initiatives. WSIS, UNGIS, and the Internet Governance Forum are the processes she has contributed to at the national, regional, continental, and global levels.

Furthermore, Sorene is pursuing a PhD at the University of Cape Town, researching the implications of the Cyber Sovereignty discourse on Cybersecurity and National Security in South Africa. She has a BSc Honours in Computer Science (Cum laude) and an MSc in Computer Science from the University of Johannesburg. In addition, she is also a Certified Information Systems Security Professional (CISSP®), a Certified Information Security Manager (CISM®), PRINCE2, ITIL®, COBIT ®, and ISO/IEC 27001.

Sorene, as an interdisciplinary scientist, is driven to understand the root causes of the growing impact of cyber threats by examining the relationship between technology and society. She is also committed to enhancing capacity in the areas of cybersecurity, internet governance, privacy, cyber norms, diplomacy, and data justice.

Dr. Kaleem Ahmed Usmani: I am heading the Computer Emergency Response Team of Mauritius (CERT-MU), a national CERT since May 2010. It operates under the umbrella of the National Computer Board, an autonomous body under the Ministry of Information Technology Communication and Innovation, Republic of Mauritius.

My experience of 18 years in the ICT industry spans over cybersecurity , network engineering, system administration, IT management and project implementation. Currently, I am involved in implementing the national level cybersecurity projects for Mauritius and also involved in initiating regional cybersecurity projects for IOC, SADC and COMESA region. I am the Mauritian representative to UN Group of Governmental Experts (UNGGE) on Cyber for the period 2019-2021.

Dr. Katherine W. Getao, EBS, is often dubbed an “ICT Elder” in Kenya, in recognition of her 40 years of service in the private sector, academia, diplomacy as well as senior government appointments. Dr. Getao currently executes consultancy assignments in the areas of Cyber Hygiene, Cyber Diplomacy and ICT Strategy and Governance. She has served as the Chief Executive Officer of the ICT Authority in Kenya, the ICT Secretary in the Office of the President and subsequently at the Ministry of ICT. During her time in government, she led the design of the Huduma Centre one-stop shops for government services as well as the integrated implementation of optical fibre in collaboration with the Roads sector. Project Manager of the NEPAD e- Schools Project as well as the Director of the School of Computing and Informatics at the University of Nairobi. She as represented Kenya on UN Governmental Committees and has also served on the boards of private companies and universities. Dr. Getao is passionate about public service transformation using ICTs and the creation of industries and career opportunities for young people in the ICT Sector.

Dr. Sherif Hashem is a Full Professor of Information Sciences and Technology at George Mason University (GMU). His professional and research interest includes cybersecurity, artificial intelligence, cyber policies and strategies, and management of information security. He has 5 published book chapters and over 60 refereed articles in international journals and conference proceedings, with more than 2600 citations.

Sherif is currently the Chair of the Board of Directors of FIRST. He is a member of the African Union’s Cybersecurity Expert Group (AUCSEG), a Senior IEEE member and an ISACA Certified Information Security Manager (CISM).

Over the last two decades, Sherif led several key cybersecurity efforts at the national level, and setting up the framework for developing the Egyptian Computer Emergency Readiness Team (EG-CERT). In 2016, he became the Chairman of the Executive Bureau of the Egypt’s Supreme Cybersecurity Council. He led the team that drafted Egypt’s first National Cybersecurity Strategy (2017-2021). Successful cybersecurity initiatives and activities led by Sherif have contributed to Egypt’s advanced cybersecurity rank: 14th among 193 countries, as reported by the International Telecommunications Union (ITU) Global Cybersecurity Index in July 2017.

At the international level, Sherif was an expert member of the United Nations Group of Government Experts (UN GGE) on the Developments In The Field Of Information And Telecommunications In The Context Of International Security (Aug 2012 - June 2013), a 15-members high-level group of experts that developed strategic cybersecurity reports to be endorsed by the UN General Assembly. Sherif was the Chairman of the ITU’s Council Working Group for Child online Protection from 2010-2017. He has been invited to give cybersecurity and ICT professional and strategic keynote speeches by numerous leading international organizations including: UN, ITU, Interpol, NATO, OSCE, OECD, African Union, the League of Arab States, as well as by the US Department of Defense and US Department of State.

Sherif received a Ph.D. in Industrial Engineering from Purdue University-USA, a M.Sc. in Engineering Mathematics and a B.Sc. in Communication & Electronic Engineering from Cairo University-Egypt. He completed the Senior Executive Program at Harvard Business School-USA. He received several awards and recognition including: the Global Bangemann Challenge Award from the King of Sweden (Stockholm – 1999).

Dr. Amreesh Phokeer: Amreesh is an Internet Measurement and Data Expert at the Internet Society. He is focused on efforts around Internet resilience, Internet shutdowns, and understanding market trends that impact the growth of the Internet across the globe. Prior to joining the Internet Society, he was a Research Manager at the African Network Information Center – AFRINIC, where he spearheaded the organization’s research activities in the areas of Internet security and Internet measurements. He is also heavily involved in the academic community has several scientific publications in the areas of network performance, security, and Internet policy. He holds a PhD in Computer Science from the University of Cape Town, South Africa, an MS in Computer Science from Telecom Nancy, France and an MSc in Information Security from the University of London, UK.

Often CSIRTs' success depend on how well they are managed by management team, rather then by the depth of technical skills CSIRT teams master. This training is one of very few trainings available specifically targeting CSIRT managers - to inspire, motivate, upskill, and foster friendships with other CSIRT managers. Training is for current and future senior and mid-managers of CSIRTs and SOCs. The objective of the training is to spend full day reflecting and collectively working on CSIRT managers' daily questions and concerns, including CSIRT KPIs, Annual report writing, clarity improvement in CSIRT mandate and strategy, CSIRT manager's time planning and allocation. It will be dedicated time to build relations between managers, discussing and supporting each other.

Dr. Vilius Benetis is member of NRD CIRT (in NRD Cyber Security), where he leads a team of experts to consult, establish and modernize CSIRT/SOCs for sectors, governments and organizations in Africa, Asia, Europe, and Latin America. He is an active contributor and speaker for ISACA's cybersecurity research and contributes to development of CSIRT methodologies for ENISA, FIRST.org and ITU. He is an industry professor in Cybersecurity at Kaunas Technology University (ktu.edu).

The Computer Emergency Response Team of Mauritius (CERT-MU), operating under the aegis of the Ministry of Information Technology, Communication and Innovation of the Republic of Mauritius has launched a Cyber Threat Information Sharing Platform known as MAUSHIELD (https://maushield.govmu.org ) in September 2022. It is an automated platform for sharing cyber threat intelligence in a real-time and in a secure and confidential manner. The aim of MAUSHIELD is to facilitate cyber threat information sharing and develop a better understanding of the different techniques that cybercriminals are using to carry out cyber-attacks. This will help organisations to improve on their defense capability and stay on top of current trends and emerging threats. The functions of MAUSHIELD are to:

• To provide a collaborative platform for sharing information and to give a better visibility of cyber threats.
• To facilitate cyber threat information sharing in a secure and confidential environment.
• To develop a better understanding of the different techniques that cybercriminals are using to carry out cyber-attacks.
• To help organisations to improve their cyber defence capability and stay ahead of emerging threats. -To increase the outreach of information availability to all organisations.
• To build contacts in case of an incident or crisis requiring collaboration with other organisations.

What Cyber Threat intelligence is shared on MAUSHIELD? Cyber Threat intelligence can help analysing risks, allocating resources, and understanding threats relevant to one's own organisation, industry and geography. This information may include:

• Mechanisms of an attack
• How to identify that an attack is happening
• Ways different types of attacks might affect the organisation
• Action-oriented advice about how to defend against attacks

Jennita Appanah Appayya is an experienced Information Security Consultant working at the Computer Emergency Response Team of Mauritius (CERT-MU). She has extensive experience in incident handling and management, national cyber security strategy and policy drafting, cyber security vulnerability research, development of information security guidelines and best practices. She is the author and co-author of cybersecurity papers. She is passionate about cybersecurity and is keen on exploring new aspects in the field.

Jennita holds a Master degree in Computer Security and Forensics and is a Certified Ethical Hacker, Certified Network Security Manager and Certified Digital Forensic Investigation Professional. She is also an alumni of the U.S Department of State’s International Visitor’s Leadership Program on “Promoting Cybersecurity” (a Regional Project for Africa).

Kaleem Ahmed Usmani: I am heading the Computer Emergency Response Team of Mauritius (CERT-MU), a national CERT since May 2010. It operates under the umbrella of the National Computer Board, an autonomous body under the Ministry of Information Technology Communication and Innovation, Republic of Mauritius.

My experience of 18 years in the ICT industry spans over cybersecurity , network engineering, system administration, IT management and project implementation. Currently, I am involved in implementing the national level cybersecurity projects for Mauritius and also involved in initiating regional cybersecurity projects for IOC, SADC and COMESA region. I am the Mauritian representative to UN Group of Governmental Experts (UNGGE) on Cyber for the period 2019-2021.

The training on DNS: Prevention, Detection, Disruption and Defense offers a comprehensive introduction from a basic to an advanced level on how adversaries abuse and leverage the Domain Name System and domain registration services to carry out different types of attacks.

Looking at both the technical aspect of the domain resolution process to the lifecycle of domain names, with a focus on the vulnerabilities in the processes and systems, participants in the training will gain an understanding on how they can prevent the malicious activity, detect and disrupt it, as well as defend their specific constituencies.

The training consists of the following modules:

• DNS Basics and Ecosystem
• How do domains resolve?
• What are the components in the DNS?
• How does a domain get registered?
• Who is who in the domain ecosystem and why this matters?
• Phishing - Hands-on: Participants will learn which steps to take, with real-life examples, when addressing phishing cases against their constituencies:
• Detect the phishing
• Identify the relevant entities
• Gather the evidence
• Decide who to submit reports of abuse
• Decide on information sharing
• Advanced DNS
• Delegation
• Relevant Resource Records
• Authoritative vs. Recursive Resolvers
• Exercise
• Sophisticated DNS attacks
• Examples of sophisticated attacks
• Possible countermeasures for detection, disruption, and defense
• Techniques and good practices to prevent DNS threats
• Table-top exercise based on 4 scenarios:
• Hijacking
• DNS amplification
• Random subdomain attack
• DNS as a covert channel for exfiltration

Yazid Akanho has joined ICANN Org as Technical Engagement Specialist for Middle East and Africa (MEA). His main role is to support ICANN org’s technical engagement efforts in the region (trainings, promote DNS standards and best practices, promote research, …). He reports to Adiel Akplogan, VP Technical Engagement at the Office of the Chief Technology Officer.

Yazid’s professional career started at Benin Telecoms, the national telecom operator, where he worked in data transmission engineering and contributed to the design of FTTx and 4G LTE network projects, before joining MTN Benin where he held several roles including technical lead on several projects.

As a previous ICANN community member, Yazid has been an active Internet evangelist at various forums such as the Benin DNS Forum, fellow researcher at AFRINIC, Universal Acceptance Steering Group, ISOC Benin, AFRALO, Non-commercial Users Constituency (NCUC), and Non-commercial Stakeholder Group (NCSG) where he has contributed to several initiatives across these groups. Yazid has also served as vice-president of ISOC Benin Chapter.

Don Stikvoort is founder of the companies “S-CURE” and “Cross Your Limits”. S-CURE offers senior consultancy in the area of cyber security – specialising in CSIRT matters. Cross Your Limits coaches and trains in the human area. Based in Europe, Don’s client base is global.

After his MSc degree in Physics, he became Infantry platoon commander in the Dutch Army. In 1988 he joined the Dutch national research network SURFnet. In that capacity he was among the pioneers who together created the European Internet since November 1989. He recognised “security” as a future concern in 1991, and was chair of the 2nd CSIRT in Europe (now SURFcert) from 1992-8, and FIRST member since 1992. Today Don is a FIRST Liaison Member.

Together with Klaus-Peter Kossakowski he initiated and built the closer cooperation of European CSIRTs starting in 1993 – this led to the emergence of TF-CSIRT in 2000. In 1998 he finished the "Handbook for Computer Security Incident Response Teams (CSIRTs)" together with Kossakowski and Moira J. West-Brown of CERT/CC. He was active in the IETF and RIPE (co-creator of the IRT-object). Don chaired the Program Committee for the 1999 FIRST conference in Brisbane, Australia, and kick-started the international FIRST Secretariat in the same year. From 2001-2011 his company ran TF-CSIRT’s Trusted Introducer service. He wrote and taught several training modules for the CSIRT community.

In 1998 Don started his first company. A first assignment was to build the network connecting over 10,000 schools in The Netherlands. Many CSIRTs were created with his help and guidance, among which the Dutch national team (NCSC-NL). Second opinions, audits and maturity assessments in this field have become a specialty – and in that capacity Don developed SIM3 in 2008, the maturity model for CSIRTs which is used worldwide today for maturity assessments and certifications. SIM3 has is now under the wings of the “Open CSIRT Foundation” (OCF). Don was one of the founders in 2016 and now chairs its board.

Starting in 1999, Don was certified in NLP, Time Line Therapy®, Coaching and Hypnotherapy, and brought that under the wing of “Cross Your Limits”, which portfolio is life & executive coaching, and training courses in what Don likes to call “human arts”. He also trains communicators, presenters and trainers, including many in the CSIRT field.

Don thrives as motivational and keynote speaker. He enjoys to share his views on how the various worlds of politics, economics, psychology and daily life, but also cyber security, all intertwine and relate – and how deeper understanding and a better ability to express ourselves, increase our ability to bring good change to self as well as the world around us. He has discussed such topics all over the world, from Rome to the Australian Outback. His goal is to challenge his audience to think out-of-the-box, and motivate them to be the difference that makes the difference, along the lines of the old African proverb:

“If you think you’re too small to make a difference, try sleeping in a closed room with a mosquito”.

Data Privacy in Africa over the past years has seen some significant growth largely within the space of policymaking, directives, and regulations with about 33 countries enacting related laws as of 2021. This has been driven by efforts to ensure the protection of data as fundamental to the rights of citizens and also with the upsurge of global commerce in the digital economy age.

The success of global privacy programs involves the implementation of effective administrative and technical controls that will ensure compliance with the relevant regulatory regimes including the lawfulness of processing, the cross-border data flow requirements, and data security safeguards. The journey towards compliance has focused more on the education and awareness of what these regulatory requirements are, and conspicuously missing out on the implementers of technical controls, i.e. the technology professional’s role, an important stakeholder who must be involved and own key processes within the data processing value-chain.

This presentation will highlight the role of technology professionals in the effective implementation of data privacy controls and the protection of information relevant to the ultimate compliance requirement.

Albert Seshie is an Information Security, Audit, Privacy Professional & Trainer with over 13+ years in Industry. He is a committed member of prestigious ISO Certification, Information Security, Audit, Privacy & Training bodies such as PECB, ISACA, (ISC)2, IAPP, IIA, IIPGH & EC-Council. Though coming from a non-technical background, his passion for technology, information security and training has driven him to achieve industry certifications such as CISM, CEH, C|HFI, MCSA, ISO 27001 LI/LA. ISO 22301 LI, ISO 27032, ITIL, Prince2, CoBIT, PSM1, CIDM, (ISC)2 CC, VCA-DCV, VCA-Cloud, NSE1, NSE2, PECB Trainer-ISO 27001 ISMS Auditor and currently pursuing his MSc. Information Technology. His areas of specialties are Information Security, Audit, Data Center Infrastructure + Cloud Security Management, Enterprise Security / Risk Management, Privacy and IT/Security Training, Technology Pre-Sales, Vulnerability Assessment, Unified Communications and Collaboration, Incident Management, ISO 27001:2013 Implementation & Auditing, Cyber Security Threats Management, Business Continuity, IT Service Management, Data Protection/Privacy & Training. In his free time, he volunteers on several projects with Africa Digital Rights Hub' and has been a speaker at the Data Protection Africa Summit (2018/2019 and 2022)

The open-source community is rapidly growing both in size and importance as individuals and organizations are increasingly reliant on OSS (open-source software) to meet business needs within shorter time frames. Widespread use of open-source software has motivated malicious actors to take advantage of the medium, spawning significant and widespread attacks. This talk is about showing recent examples of how we were able to detect advanced Attckrs ( Red-Lili), new trends ( Protsware), and new trends we are seeing. We will also share some open-source tools that help participants to better defend against those attacks.

Tzachi Zorenshtain is the Head of SCS, Checkmarx. Prior to Checkmarx, Tzachi was the Co-Founder and CEO of Dustico, a SaaS-based solution that detects malicious attacks and backdoors in open-source software supply chains, which was acquired by Checkmarx in August 2021. Tzachi is armed with more than a decade’s worth of experience in cyber-security, specializing in building advanced malware research systems. Prior to Dustico, Tzachi’s tenure at Palo Alto Networks, Symantec and McAfee deepened his passion towards contributing to the developer and cybersecurity space and saw him building custom security architectures and hunting for advanced Cyber-attack groups.

An IAM system introduces risks to the enterprise, but the consensus is the benefits of IAM outweigh the drawbacks. Businesses leaders and IT departments are under increased regulatory and organizational pressure to protect access to corporate resources. As a result, they can no longer rely on manual and error-prone processes to assign and track user privileges. That is where identity and access management or IAM comes in.

Nermen Ibrahim is a 20-year information technology veteran with a focus on information security and network security. She currently serves as the Head of Identity and Access Management Engineering at Banque Du Caire. Her technical expertise and analytical skills, honed through 9+ years in the information security field and 10+ years of professional experience, have earned her recognition as a privacy and risk management professional.

Ms. Nermen holds a Master's in Information Security from Nile University and is certified in CEH and CEI. She has also completed courses in CISSP, CRISC, ECSP.Net, CISM, PCI-DSS, MOBILE BANKING MASTERCLASS, SWIFT CSP, Digital Transformation, Fintech, CIMP, and Blockchain.

Ms. Nermen’s skills were acknowledged in 2018 when she placed third in the CTF Women in Security competition. She also delivered a speech at the 2018 Arab Security Conference on the topic of "Common Vulnerabilities in Online Payment Systems."

In summary, Ms. Nermen is a highly capable information technology professional with a proven track record of excellence in her field.

RTIR is an opensource and most popular security incident ticketing system, created for national and sectorial CSIRTs' communication and activity management needs. Once the tool is understood well by the CSIRT team members it can bring tremendous value in maturity of incident response, coordination, and efficiency of staff. RTIR was designed based on the needs of CSIRTs to support Incident handling process specific for CSIRTs. The training provides skills of the RTIR ticketing system web interface, workflow, gives practical examples of incident case management. Cloud lab environment is used by participants to connect and access RTIR system.

Marius Urkis is a CSIRT/SOC architect, with 20+ years of experience in the Incident management area. At NRD Cyber Security he leads CSIRT operations: security incident prevention, detection, triage and recovery. He also worked in CSIRT capability, maturity, and capacity building projects in different countries around the world.

This course is created to help participants learn more about cyber open source intelligence as well as to provide them with the necessary skills and background to get started in this sector. OSINT is used to detect vulnerabilities in apps, networks, physical penetration tests, and when putting security awareness initiatives to the test through Social Engineering efforts. Various vectors utilized in OSINT will be addressed throughout training. Each topic will be taught with real live examples of how to overcome specific challenges in a genuine assault situation. The course will cover both theory and hands-on practice in our lab.

Moataz Salah is a cyber security entrepreneur with 15+ years of experience . He is the founder of CyberTalents, a platform for top talented cyber security professionals. CyberTalents is a global platform for learning, practicing, and testing cybersecurity skills. We provide our customers with a platform to host their CTFs, gamified training solutions, security recruitment services, and CSaaS. Moataz helped to run 200+ CTF events on his platform in addition to building the largest database of cybersecurity professionals in MENA and was able to provide cybersecurity jobs to hundreds of cybersecurity talents. In 2010, Moataz launched the most valuable cyber security conference in Egypt, Cairo Security Camp, since the launch, is the must attend conference for all cyber security Community.Moataz focuses on building the cyber security awareness culture in the Arab community through his conference, competitions, boot camps with a clear objective to discover young cyber security talents in this part of the world through his platform https://cybertalents.com/ .Before launching CyberTalents, Moataz has been working for a couple of international companies including Intel and Valeo after being graduated from the faculty of engineering, Communication department, Alexandria university.

Nowadays the rampant use of IoT devices has maintained a huge standard way of living in society. It is a general term for devices, having an internet connection, and exhibiting intelligence by communicating and exchanging information. Modern homes now have a network whereby household equipment such as fridges, thermostats, etc. are capable of being in an environment where they all exchange information. However, there are a lot of problems and limitations with these devices in terms of security. Additionally, on Top of the insecurity posture, they pose some challenges to forensic investigators who find it hard to retrieve shreds of evidence and artifacts from these small devices. Objectives. I illustrated exploits on Philips hue bridge and conducted digital forensics to retrieve artifacts in a forensic sound manner.

Joel Kashaija: Full time I work as Systems Security Engineer at EPAM actively in DFIR role. Partime I run and manage my startup Shield Tech Hub that among other services it primary focuses on cyber security. In my spare time am also a PhD candidate currently researching on cyber security resilient critical infrastructure systems in Kharkiv National University of Radio Electronics

ITU with the collaboration of Home Office UK is supporting the implementation of National cybersecurity strategy in Rwanda using the latest Guide to developing a national cybersecurity strategy. Learn more at: https://www.itu.int/en/ITU-D/Cybersecurity/Pages/cybersecurity-national-strategies.aspx

Serge Valery ZONGO is currently Program Officer at the International Telecommunications Union (UN lead agency for Information and Communications Technologies) and Cybersecurity focal point for Africa region. He worked more than 15 years in information technology and management field in leading interconnection and telecommunications companies. The last eight years, he coordinates ITU’s initiatives in Africa in building trust, Cybersecurity culture reinforcement for ITU Members and boosting digital innovation ecosystem with a focus on national cybersecurity strategies and CIRTs, Cyberdrill and capacity building. He believes that an integrated and well-aligned synergy of cybersecurity initiatives in the continent is a key enabler of digital transformation in the region. Serge Valery’s broad experience in the Telecommunications/ICT sector spans over private and public sectors. He holds advanced degrees in Engineering, Computer Information Systems, management and finance.

The journey of malicious traffic starts at IoT devices, they are targets for malicious actors in part because they didn’t have robust security or identity on the network. We will look at current IoT interoperability standards (OCF, CSA/Matter) and how they address security and malicious traffic. The next filter is how to identify and isolate infected devices on your network using existing mitigation tools from different angles. The last filter is a training session on the distribution and use of a document that targets the person(s) in the IT/Security lead role at midsize businesses who have device(s) that are infected with malware – what should they do to respond if they find themselves a victim of a ransomware attack.

Brian Scriber is a Distinguished Technologist at CableLabs and is the Vice President of Security and Privacy Technologies. Brian works with technology policy, wired, and wireless networking leaders on security strategy and implementation using advanced technologies and techniques including PKI, blockchains, encryption, and differential privacy.

Brian holds a B.S.E in Computer Engineering (University of Michigan) a M.S. in Computer Science (University of Colorado), and an M.B.A. in Technical Strategy (University of Colorado). Brian serves on the Board of Directors for both the Open Connectivity Foundation (OCF), the Messaging Malware Mobile Anti-Abuse Working Group (M3AAWG), and the Colorado Science and Engineering Fair (CSEF); he also engages in several other industry standards organizations. Brian brings his extensive experience in software, security, privacy, and cryptographic governance to both the economic and technical analysis activities.

Brian’s background includes technical and executive leadership roles creating and protecting strategic network communications at companies including Nortel, Lockheed Martin, FedEx, and Sun Microsystems. Brian’s focus has been on protecting critical data in the financial, insurance and healthcare sectors, as well as protecting privacy and portability of personal information in other markets.

The ever-changing cyber landscape teaches that the cyber world is no longer one where only technical professionals have the responsibility to protect society. At the same time, emerging technologies, surging threats, risk, and compliance demands, in addition to the requirement to adapt practices and controls to the cloud and remote work, demand skilled security teams. The panel will explore lessons learned and good practices to develop cybersecurity talent, different pathways to enter the cybersecurity workforce, and meeting the demand to establish more entry-level positions and opportunities that provide avenues for growth and advancement.

• How cybersecurity education has evolved
• Cybersecurity skills gap
• Leveraging several channels to meet trainees where they hang out,
• Explore ways of developing a curriculum for the current and future cybersecurity workforce.
• Building Bridges in the Cyber Labor Market

Moderated by: Jean-Robert Hountomey works as a cybersecurity researcher for a global technology leader. His investigation areas include Cybersecurity Health and Maturity, Product Security, Privacy Engineering, Secure Software Development Life Cycle, Incident Management, Vulnerability Research, and Technology Policy. Mr. Hountomey contributes to the community as a co-founder of the Africa Forum of Incident response and security teams (AfricaCERT), and the African Anti-Abuse Working Group. He also contributes to FIRST SIGs, CVE Outreach, AUCSEG, ISOC, ICANN, AfriNIC, AfNOG, etc... At AfricaCERT his focus covers issues and opportunities related to law, technology, and Internet Governance, standards on digital security, cyber workforce, and recently ICS/OT Cybersecurity.

Professor Assane Gueye joined Carnegie Mellon University Africa on August 1, 2020. Prior to joining CMU Africa, he was a faculty member at the ICT Department at the University Alioune Diop of Bambey, Senegal, where he also leads the research group “Technologies de l’Information et de la Communication pour le Développement” (TIC4Dev). Gueye also holds a guest researcher position with the National Institute for Standards and Technology, Gaithersburg, Maryland, USA.

Assane completed his Ph.D. in electrical engineering and computer sciences from UC Berkeley in March 2011. He received a master’s degree in 2004 in communication systems engineering from Ecole Polytechnique Fédérale de Lausanne, Switzerland.

His research focuses in two main areas: performance evaluation and security of large-scale communication systems, and information and communication technologies for development (ICT4D). Assane is a Fellow of the Next Einstein Forum (Class of 2016). In 2019 he was nominated as a member of the European Alliance for Innovation (EAI) inaugural Fellow Class.

Audrey Mnisi Mireku is a cybersecurity professional with over 22 years of working experience. A core founder for Future Jewels, a child online protection NGO, Vice president for Women in Cybersecurity West Africa affiliate ( WiCyS WA) and a board member of the Forum of Incident Response Security teams. She was part of the team that built the Ghana Cyber Security Authority, contributed towards drafting the Ghana Cyber Security Act, ACT 1038 and Ghana's National Cyber Security Strategy, and led the setup and operationalisation of Ghana's National CERT and led the team into joining FIRST in 2019. Audrey has remarkable work experience in both the private and public sectors; she worked for institutions such as The Central Bank of Eswatini, the US Embassy in Eswatini, Millicom Ghana, National Cyber Security Authority and is currently the Chief Information security and risk Officer at the Ghana Association of Banks.

Moataz Salah is a cyber security entrepreneur with 15+ years of experience . He is the founder of CyberTalents, a platform for top talented cyber security professionals. CyberTalents is a global platform for learning, practicing, and testing cybersecurity skills. We provide our customers with a platform to host their CTFs, gamified training solutions, security recruitment services, and CSaaS. Moataz helped to run 200+ CTF events on his platform in addition to building the largest database of cybersecurity professionals in MENA and was able to provide cybersecurity jobs to hundreds of cybersecurity talents. In 2010, Moataz launched the most valuable cyber security conference in Egypt, Cairo Security Camp, since the launch, is the must attend conference for all cyber security Community.Moataz focuses on building the cyber security awareness culture in the Arab community through his conference, competitions, boot camps with a clear objective to discover young cyber security talents in this part of the world through his platform https://cybertalents.com/ .Before launching CyberTalents, Moataz has been working for a couple of international companies including Intel and Valeo after being graduated from the faculty of engineering, Communication department, Alexandria university.

Abigail Dede Okley - is a Consultant in Deloitte’s Risk Advisory. She plays active roles in providing Information Security, Implementation of ISMS and PCI DSS Standards, IT Audit and Vulnerability Assessment and Penetration Testing (VAPT) for clients in different sectors of the economy. She involves in helping organizations conform to standards and regulations. She supports organizations in implementing international best practices such as ISO 27001, ISO 20000, ISO 22301, PCI DSS, Data Privacy and compliance, Risk assessment and management (ISO 31000 and 27005)

Abigail holds a Master's Degree in Digital Forensics and Cybersecurity, and certifications in Information Security. She has relevant skills in implementing information security standards, audits, and Vulnerability assessments.

She has worked with various organizations in different sectors of the economy, assessing readiness for regulations and guiding the implementation of policies and processes to achieve compliance. She has assisted with numerous vulnerability assessment engagements to identify and remediate critical security flaws within enterprise networks.

Martin Koyabe has over 25 years of experience working on ICT deployment, innovation, research and development, policy, regulation, and legislation. He is currently a consultant and lead technical expert for the Global Forum on Cyber Expertise (GFCE) and leading the African Union (AU)-GFCE Collaboration Project to enhance Cyber Capacity Building (CCB) and Cyber Resilience across all 55 AU member states. Prior to joining the GFCE, he was the Head of Technical Support & Consultancy (TSC) Division at the Commonwealth Telecommunication Organisation (CTO) in the UK for seven 7 years. He was responsible for managing the delivery of ICT technical support and development assistance to the Commonwealth (which consists of 56 member countries) and beyond.

Before joining the CTO, he worked as a Senior Researcher & Technical Lead with British Telecommunications (BT) for 10 years. While at BT he worked on various major projects including BT 21st Century Next Generation Network, developing ICT security solutions, policy, and strategies for BT’s lines of business, including cutting-edge research on Future Internet Architecture, and development of a Global Best Practice framework for mitigating Distributed Denial-of-Service (DDoS) on the Internet.

Martin has been involved in various ICT projects mainly in Europe, the US, the Caribbean, Asia Pacific, and extensively in Africa. He is also a technical expert for the European Commission (EC), World Bank, UN, ITU, and the GFCE. He has led and delivered a number of national strategies in Cybersecurity, Broadband, Telecommunication Regulation, and Digital Transformation for a number of organisations in various countries.

In addition to the current AU-GFCE Collaboration Project, he has led various other global projects, working with various countries, to develop National Cybersecurity Strategies, National Broadband Strategies, Universal Service Funding Frameworks, CERT/CSIRT, Regulations, Policies and Legislations. Some of these countries include Botswana, Cameroon, Uganda, Fiji, Malawi, Mozambique, Tanzania, Senegal, Eswatini, Ghana, Nigeria, Sierra Leone, Kenya, Rwanda, Bangladesh, Seychelles, Namibia, Pakistan, Sri Lanka, India, The Commonwealth of Dominica, Bermuda, Afghanistan, Jamaica, St. Kitts & Nevis, Montserrat, Trinidad & Tobago, South Africa, and Liberia.

Martin is accredited for being among the first Kenyan Internet engineers to bring Full Internet deployment to Kenya in the mid-90s, while working as Principal Engineer for African Regional Centre for Computing (ARCC), Nairobi, Kenya. He was instrumental in reviewing various key ICT related legislations, regulations and policies for the Republic of Kenya.

He has a PhD in Communications Engineering and holds several patents. He is an alumni of Egerton University (KE), Nairobi University (KE), Bristol University (UK), University of Aberdeen (UK), Cambridge University, Judge Business School (UK), and Harvard Kennedy School (USA).

Responsible State Behaviour in Cyberspace.

Audrey Mnisi Mireku is a cybersecurity professional with over 22 years of working experience. A core founder for Future Jewels, a child online protection NGO, Vice president for Women in Cybersecurity West Africa affiliate ( WiCyS WA) and a board member of the Forum of Incident Response Security teams. She was part of the team that built the Ghana Cyber Security Authority, contributed towards drafting the Ghana Cyber Security Act, ACT 1038 and Ghana's National Cyber Security Strategy, and led the setup and operationalisation of Ghana's National CERT and led the team into joining FIRST in 2019. Audrey has remarkable work experience in both the private and public sectors; she worked for institutions such as The Central Bank of Eswatini, the US Embassy in Eswatini, Millicom Ghana, National Cyber Security Authority and is currently the Chief Information security and risk Officer at the Ghana Association of Banks.

Based on learned lessons from investigating ransomware attacks targeting critical information systems and run by some of the most sophisticated APT groups, the presentation will go through the operation mode by exposing the most used techniques in every step of the cyber kill chain, then it will focus on the investigation side from the detection to the recovery of all operations. A set of recommendations will be presented on how the conduct the investigation and how to progressively restore all information system functions and how to deal with cybercriminals. A self-assessment toolkit will be presented which helps to measure information system readiness to defend against ransomware attacks.

Haythem El Mir is a cybersecurity expert with 20 years of experience. Currently, Mr. El Mir is the CEO of Keystone, a cybersecurity consulting company working on MEA region, and manager CSIRT.tn. With Keystone, Haythem is advising governments, critical sectors and big companies to develop their cyberdefense program and cybersecurity strategies.

As a specialist in critical information infrastructure protection (Banking, Telecom, Government, Industry), Mr. El Mir has participated in numerous cyber security projects in the Africa and Middle East regions. He helped also to set up about 15 CSIRT and projects.

Insecure routing is one of the most common paths for malicious threats to networks. Inadvertent errors can take entire countries offline, and attackers can steal an individual's data or hold an organization's network hostage. A network's safety depends on a routing infrastructure that weeds out bad actors and accidental misconfigurations that wreak havoc on the Internet. The session will cover the importance of routing security in improving overall Internet security.

Kevin Chege is the Director - Internet Development at the Internet Society. He is currently engaged in several projects at ISOC related to technical capacity building, building communities of practice, and Internet measurements. He helps design technical online teaching content, courses and online labs used to train network engineers. He also helps out as an instructor at various NOGs and NRENs in Africa and has also helped to get several NOGs and tech forums in Africa started. He is based in Nairobi, Kenya. Kevin holds a Master's Degree in Information Security from the Lulea University of Technology (Sweden). I am also a Certified Information Systems Security Professional (CISSP by ISC2) and a Certified Information Privacy Manager (CIPM by IAPP).

CSIRTs and SOCs, which aim to improve cyber security in companies and organizations, are active worldwide. On the other hand, cyber-attacks continue to become more sophisticated, and cyber-security increasingly requires functions that have not been required of CSIRTs in the past, such as strategies and policies. Based on this understanding, this workshop will introduce the "Cyber Defense Centre" framework, which was discussed in ITU-T and standardized in 2021, and discuss how it can support cyber security measures of enterprises and countries in Africa.

https://www.itu.int/rec/T-REC-X.1060-202106-I

Koichiro Komiyama is the Director of the Global Coodination Division at JPCERT/CC, the Japanese Computer Emergency Response Team. He was a FIRST Board of Directors from 2014-2018. He was awarded the AfricaCERT Meritorious Service Award In 2016 for his contribution to AfricaCERT's establishment.

M. Arnaud Taddei is a Global Security Strategist for Symantec, a Division of Broadcom Software Group. In his role, M. Taddei has two inter-related missions as he supports:

a) the development of strategic directions for the top Broadcom world wide customers and he developed a unique method to create solid relationships with customers executives and project thought leadership through specific knowledge sharing and workshop models.

b) the development of security through his engagement in International Standards Defining Organizations (SDO) such as the International Telecommunication Union (ITU) where he was diplomatic elected as Vice Chairman of Study Group 17 and Associate Rapporteur for Emerging Technologies at the Telecommunication Standards Advisory Group (TSAG) of the ITU-T. He participates as well to the Internet Engineering Task Force (IETF) where he develops ideas on Network Encrypted Traffic Management through Internet Drafts.

Dr. Jema David Ndibwile is an assistant teaching professor in cybersecurity at Carnegie Mellon University. He previously worked at the Nelson Mandela African Institute of Science and Technology as an IT network specialist and a lecturer in cybersecurity. Ndibwile’s current research interests encompass usable privacy and security, hacking countermeasures, the impact of artificial and human intelligence on cybersecurity, and social engineering approaches. He also has expertise assisting the cybersecurity teams in areas such as communication, IT network architecture and in-network, service security, security testing, and developing security concepts for mobile and stationary networks. He has extensive experience in ethical hacking/penetration testing, digital forensics, and project management leveraging tools such as Kali Linux, Parrot OS, Cellebrite, and many others.

Dr. Nnenna Ifeanyi-Ajufo is an Associate Professor of Law and the Head of Law at Buckinghamshire New University, United Kingdom. She is also a non-residential Technology and Human Rights Fellow at the Carr Centre for Human Rights Policy at Harvard University for the 2022-2023 academic year. Her teaching and research interests relate to the intersection of law and technology, including the governance of emerging technologies, cybercrime, digital rights and rule of law in cyberspace. She holds an LLM in International Information Technology Law, MA in African Studies and LLD in International Law. She is also a member of the International Law Association Steering Committee on Digital Challenges for International Law and a Senior Research Fellow at the African Centre for International Criminal Justice. She was nominated by the United States Mission to the African Union to participate in the U.S. Department of State International Visitors Leadership Programme (IVLP) on ‘Promoting Cybersecurity’ 2022 and was a Mentor on the ITU Women in Cybersecurity Mentorship Programme 2022. She has also been invited as an expert or appointed as a consultant by distinguished organisations such as the Chatham House, the African Union, the Commonwealth and the United Nations Economic Commission for Africa. She is presently the Lead Consultant on the United Nations Economic Commission for Africa’s cybersecurity projects and served as a Consultant for the Chatham House Africa and Asia-Pacific Programme project ‘Roadmap for Digital Cooperation: A South-South Approach’. Nnenna is also the Vice-Chairperson of the African Union Cyber Security Experts Group (AUCSEG) and has been effectively involved in advising the African Union Commission (AUC) on existing international, regional and national legal frameworks related to cybersecurity, as well as promoting cybersecurity in the region. She has written for a vast range of research projects, journals and media publications including engaging in media debates on governmental initiatives and policies related to cybersecurity, the rule of law in cyberspace and generally, the governance of digital technologies.

Anat Lewin the World Bank’s Global Lead for Digital Safeguards, covering Cybersecurity and Data Protection. She leads a team working on policy advice and investment lending activities in Cybersecurity, Data Protection and Data Governance.

Anat advises developing country governments on establishing good practice policies, strategies, institutional governance frameworks, technical and operational capabilities and digital skills programs that are supported by large-scale financing by the World Bank.

Anat holds a Master of International Affairs from Columbia University in New York and a Bachelor of Arts in International Relations from the University of Toronto, Trinity College, in Canada. She studied International Relations at the Hebrew University of Jerusalem and Arabic at the University of Jordan in Amman.

Prior to joining the World Bank in 2000, Anat worked for the United Nations Economic Commission for Africa in Ethiopia as an ICT Project Manager.