Kuwait Workshop Cyber Security Practices and Techniques

Download

Kuwait Workshop Cyber Security Practices and Techniques

UAB Activity
2020

BACKGROUND

The number and the sophistication of Cyber attacks is growing at a very fast pace which is creating new security challenges for the financial sector around the globe and especially in the Arab region proceeding from this reality it became crucial to intelligently address the new threats and effectively manage the associated risks in order to ensure the confidentiality, availability and integrity of the data and information.

Year 2019 was associated with significant changes in the cyber threat landscape, Cyber diplomacy, cyber-defense and cyber-war regulation have dominated the headlines worldwide.

Although developments have been achieved from the side of defenders through the emergence of new concepts and practices such as active defense, Cyber Threat Intelligence, Information sharing and Artificial Intelligence, the skills and capability building remain the major focus of defenders, and the banking industry is still in need to developed the culture, knowledge, and training in new methods to face cyber security threats.

Hence the importance of holding this workshop organized by the Union of Arab Banks in collaboration with Kuwait Banking Association.

OBJECTIVE

By attending this workshop cyber security, participants will have a comprehensive view of existing standards, frameworks and security best practices. It will be also an effective way to share hands-on skills and to pass on new ideas and useful methods used by experts in Cyber security.

WHO SHOULD ATTEND

  • Information / Cyber security professional.
  • IT professionals.
  • Web administrators.
  • IT auditors.

MAIN TOPICS

DAY 1

  • Major Cyber security incidents in 2019 and Q1 2020
  • The threat landscape evolution
  • Cyber threats in financial sector: Future and challenges
  • Threat profiling
  • State of Cyber security in the Arab countries.
  • Circulars and Regulations & GDPR
  • The use of intelligence techniques in cyber security.
  • Demos:
  1. OS platform attacks.
  2. Web based attacks.
  3. E-mail attacks.
  4. Physical access attacks.
  5. Social engineering attacks.
  6. Wireless attacks.

DAY 2

  • Data disposal and data recovery techniques.
  • Cryptography and Digital Signatures.
  • The attack life cycle.
  • APT Preventive controls and techniques.
  • Sandboxing techniques and tools.
  • Cyber security top 20 controls- SANS.
  • Vulnerability Scanning techniques and tools (Demos included)
  • Penetration testing frameworks and (Demos included)
  • Recommended Blue/Red Teaming exercises

DAY 3

  • Secure design for your Infrastructure.
  • Cloud Computing in Financial sector : future and best practices
  • Physical Security attacks and remediation.
  • Security Hardening Checklists (Recommended resources and demos)
  • Forensics:
  1. Analyzing your logs.
  2. Malware investigation techniques.
  3. Utilizing A.I. in Threat Hunting
  4. Incident response and SOAR (Security Orchestration, Automation and Response)
  5. Implementation, configuration and optimal use of a Malware Information Sharing Platform (MISP).

SPEAKER:

Mr. Jean Michel Kawkabani

  • Head of Information Security Department at Byblos Bank Group – Lebanon.
  • He is a Certified Information Systems Auditor (CISA) from ISACA and a Lecturer at University Saint Joseph-ESIB and Ecole Nationale D’Administration (ENA) Lebanon.
  • Prior to his current position, Jean Michel was respectively the Head of IT Audit and the Head of MIS at Byblos Bank Group. He graduated from the French engineering school Ecole Nationale de la Statistique et de L’Analyse de L’Information (ENSAI) and holds also a degree in Economics from Saint Joseph UniversityLebanon.
  • Jean Michel has been an Information Systems professional for more than 20 years including 17 years of Information Security and IT Audit in the financial industry. He delivered several MIS, Design, programming and Information Security courses in Universities across the country. He has a long experience with risk and Vulnerability assessment and is a QUALYS Certified Specialist. • His current focus, in addition to his responsibility at Byblos Bank is around Digital Forensics, Artificial Intelligence, intelligence techniques