Sally Abou Melhem <sa256@aub.edu.lb>, Office of Communications
“The digital transformation occurring globally brings with it new threats and risks. The time has come for everyone to learn how to live in this digital world safely and securely," said AUB's Chief Information Officer Yousif Asfour. He added that this forum, the first Cyber Security Day to be held in Lebanon, was to “create awareness, trigger engagement, and shed light on the critical areas in cyber security."
Organized by AUB in collaboration with the Compact Muon Solenoid (CMS) Experiment, part of the European Organization for Nuclear Research (CERN), and partner universities, Cyber Security Day brought together hundreds of attendees including speakers and participants from the corporate, academic, and government sectors as well as industry leaders, students, and enthusiasts.
CERN's Deputy Computer Security Officer Sebastian Lopienski delivered the keynote address on “Computer Security in 2019." He spoke about where we are now, what can be expected, and how to defend our organizations. The forum also included talks delivered by industry leaders on financial cyber security threats, artificial and human intelligence to secure corporate data, the intersection of risk management and security operations, and ransomware defense.
During the forum, three diverse panel discussions were held. The first included academic panelists who explored where research and university programs are in terms of being up-to-date as well as innovative. The second panel consisted of industry leaders who discussed the status what is on offer and in demand, as well as needed skills in the cyber security market. The third panel brought together representatives from governmental and national organizations such as the Internal Security Forces, the Lebanese Army, the Commercial and Civil Status Chamber in North Lebanon, Ogero, and Banque Du Liban, who went over what is being deployed in their cyber security, as well as the infrastructure in Lebanon.
Moreover, four parallel workshops were offered throughout the day. One of them was on cyber security for small and medium-sized enterprises. It included an overview of the local cybersecurity industry and current threat landscape, and a live disaster demo of a ransomware attack and how to detect and remediate it.
A second workshop discussed one of the most recent attack categories in the cyber world, cryptojacking, which involves utilizing other people's machines—without their consent, authorization, or awareness—to mine one's own cryptocurrency. The workshop introduced the basics of cryptocurrency and blockchains (systems that maintain a record of transactions made in a cryptocurrency), showed real-world incidents of cryptojacking, demonstrated how cryptojacking can be implemented and scripted, and taught participants how to detect cryptojacking attacks and protect against them.
Another workshop was on web application penetration testing, also known as ethical hacking, which is one of the ways to identify vulnerabilities in computers and networks, and thus protect them from malicious attacks. This workshop offered participants some tools and techniques, as well as an overview of the mindset of an ethical hacker.
The forum also included a “gamification tournament" that trained and tested participants on secure coding skills. Participants were asked to read code, identify the vulnerable parts, and then fix the issue. Prizes for top scorers were offered by CYVYS, a cybersecurity startup in Lebanon that promotes secure code development and discovers system vulnerabilities through a platform for crowdsourced penetration testing.
Moving forward, and aiming to empower computer science and engineering students to gain practical experience in cybersecurity, starting with mastering secure code development, AUB and CYVYS agreed on working closely to hold a series of lectures, workshops, internships, and joint research projects.