FIRST & AfricaCERT Virtual Symposium for the African and Arab Regions
This virtual symposium will be co-hosted by AfricaCERT and TunCERT.
Participants are expected to be comprised of global FIRST Member Teams and CSIRTs from the African and Arab regions. FIRST also expects to attract network operators, anti-abuse teams, and other security professionals from the African and Arab regions.
Program Agenda At-A-Glance
• December 7 | 11:00-18:15 UTC - Plenary Topics - Plenary Panel Discussions: Regional and International Initiatives, Frameworks and Related Standards, Open-source Tools and CSIRT Success Stories, Open Data (OSINT) and Threat Intelligence Sharing Platforms and Tools, Observed Malicious Cyber Criminality During COVID in the African and Arab Regions.
• December 8 – 11:00-15:00 UTC - Technical and Management Training Tracks - Training Opportunities: Open-source Tools for CSIRTs, MITRE ATT&CK Fundamentals, CSIRT Maturity Modeling, Protective DNS – Why It Matters and How to Deploy It On-prem. Designing and Running Cyber-exercises for CSIRTs.
• December 9 – 11:00-15:00 UTC - Technical and Management Training Tracks - Training Opportunities: Incident Response and Classification Workshop, MISP Fundamentals, National Cyber Crisis Management.
The event will be presented in English with French translation available during the plenary sessions on December 7.
Protecting the healthcare sector from cyber harm
15:00 – 17:00 CEST
If the past year has taught us anything, it has to be that we need to protect the healthcare sector from cyberattacks. Between January and August 2021 alone, the CyberPeace Institute recorded 77 disruptive attacks on healthcare organizations, of which the majority resulted in operational disruptions to the sector. These have a direct human impact as people are unable to access healthcare services, a basic human right.
The Czech Republic, the CyberPeace Institute, and Microsoft are taking action. Together, they kick-started the ‘Protecting the Healthcare Sector from Cyber Harm’ project which, over a series of thematic workshops, brings together healthcare, cybersecurity, and regulatory experts to identify good practices needed to protect this vital infrastructure. This is a multistakeholder issue that requires the attention of government, industry and civil society actors in order to come up with truly global solutions.
This event will explore challenges pertaining to, inter alia, accountability, state responsibility, due diligence, international human rights law, International Humanitarian Law, sovereignty and non-intervention as well as the use of force. It will explore existing initiatives and outcomes, including innovative recent ones such as the Oxford Process, with the aim of distilling good practices and recommendations, which we will endeavour to compile in a compendium to be published at the end of the workshop series.
Strengthening inclusive cybercrime policymaking: Europe regional consultation
12:00-3:30 PM (UTC)
Join Chatham House and the EU Cyber Direct project for this virtual regional consultation, intended for civil society, the private sector and other non-state stakeholders from the wider European region to share their perspectives on developing a new international convention on cybercrime, pursuant to United Nations General Assembly resolution 74/247.
As the United Nations prepares to negotiate a new convention on cybercrime starting in January 2022, it is vital that non-state stakeholders (such as civil society, the private sector, academia, and the technical community) have the opportunity to meaningfully share their opinions and concerns.
To this end, Chatham House’s International Security Programme is facilitating a series of virtual regional consultations to engage with non-state stakeholders from different regions during the negotiations on cybercrime, providing a platform for sharing knowledge, information and positions on different issues.
- Joyce Hakmeh, Senior Research Fellow, International Security Programme; Co-Editor, Journal of Cyber Policy.
- Patryk Pawlak, Brussels Executive Officer, European Institute for Security Studies.
Cybersecurity Crossroads: The Intersection of Information, Technology, and People
October 27, 2021 11:00 am - 3:00 pm (ET)
Join the National Cyber Security Alliance and Nasdaq for the 2021 Cybersecurity Summit, “Cybersecurity Crossroads: The Intersection of Information, Technology, and People.” The challenges faced by the cybersecurity community today are hitting mainstream headlines. However, new approaches to information sharing, securing technologies, and human-centric cyber training can empower organizations and professionals to enable a safer, more secure world.
In honor of Cybersecurity Awareness Month, experts will delve into the current cybersecurity landscape, and discuss how looking at cybersecurity as an intersection of information, technology and people can secure its future.
Sessions will include:
- Flipping the Switch: Prioritizing People in Cybersecurity
- Global Information Sharing to Disarm Cyber Criminals
- The Cybersecurity Solution: Educating Future Leaders
- Fireside Chat: The Supply Chain Ripple Effect
Responsible state behaviour in cyberspace at the United Nations: How can the multistakeholder community ensure that existing agreements become a reality?
3 November 2021 at 11:00 EDT /15:00 UTC / 17:00 CEST
In an effort to build on the December 2020 and February 2021 Let’s Talk Cyber multistakeholder discussions and to mark the launch of their new multistakeholder engagement website, currently under construction, the LetsTalkCyber Initative, is organizing a virtual session titled: “Responsible state behaviour in cyberspace at the United Nations: How can the multistakeholder community ensure that existing agreements become a reality?“
In the first half of 2021, two United Nations (UN) processes successfully concluded with the adoption of two consensus reports by the GGE 2019/2021 and the OEWG 2019/2021, re-affirming the framework for responsible behaviour of states in cyberspace. But where do we go from here? How can we ensure these agreements are respected and implemented, and how can the multistakeholder community play an active role?
The Ransomware Pandemic: Is There a Light at the End of the Tunnel? Cyber Resilience Seminar Series.
Oct 13, 2021 09:00 AM in Eastern Time (US and Canada)
GFCE Member World Bank, is hosting on Wednesday, October 13th “The Ransomware Pandemic” webinar which covers the increasing threat posed by ransomware attacks, and will focus on several themes: governmental response, economic impact, incident management and capacity building.
The webinar will feature a keynote address by Chris Painter, President of the GFCE Foundation Board, followed by a panel discussion featuring leading global cyber resilience experts Dr. Maya Bundt, Mr. Menny Barzilai, David Satola and Dr. Ts. Aswami Ariffin.
Virtual Roundtable: “Evolving internationally coordinated strategy to detect ransomware attacks as an international diplomatic and enforcement priority”
In September 2020, The Azure Forum brought together experts from across the globe to examine the nature of malicious cyber-enabled state activity in the healthcare sector during the global pandemic and the policy responses open to states to deal with this behaviour. A number of high-profile ransomware incidents have since occurred globally, such as the Colonial Pipeline and Health Service Executive of Ireland attacks, and use of ransomware targeting Microsoft exchange servers. We are thus revisiting these themes and would like to invite you to join a high-level roundtable discussion on “Evolving internationally coordinated strategy to deter ransomware attacks as an international diplomatic and enforcement priority”.
Thursday 30 September 2021 at 13:00-14:30 (Irish Standard Time).
Themes & Topics
Cyber 9/12 Strategy Challenge for South Africa
Atlantic Council and the Cybersecurity Capacity Centre for Southern Africa (C3SA) at the University of Cape Town, are partnering to host the inaugural Cyber 9/12 Strategy Challenge in South Africa. The Cyber 9/12 Challenge for South Africa is designed to offer students enrolled in tertiary education programmes across a wide range of academic disciplines in South African universities, a better understanding of the policy challenges associated with cybercrime and/or cyber operations. Part interactive learning experience and part competitive scenario exercise, the Cyber 9/12 Strategy Challenge for South Africa gives students interested in understanding and learning how to tackle and respond to cybercrime and/or to cyber operations, from a technical, policy, and legal angles an opportunity to interact with expert international, regional, and national mentors, judges, and cyber professionals while developing valuable skills in policy analysis and presentation.
Student teams will be challenged to respond to an evolving scenario involving a major cyber-attack and analyse the threat it poses to state, military, and private sector interests. Teams will be judged based on the quality of their policy responses, their decision-making processes, and their oral presentation to a panel of judges. Along the way, teams will work with coaches at their home institution to develop their policy skills and feedback from expert panels of judges will ensure that all participants have an opportunity to improve their skills, as well as networking opportunities during the competition.
CENS Webinar “Making Ransomware Pay: Strategies for Taking Back Control”
CENS Webinar "Making Ransomware Pay: Strategies for Taking Back Control"
23 September 2021, 20:00h-21:30h
The recent Kaseya ransomware attacks brought together a formidable combination – a zero-day vulnerability, a supply chain hack and a ransomware encryption programme – that together crippled the delivery of critical and other essential services as well as affected the operations of up to an estimated 1,500 businesses. However, apart from efforts by governments and industry to patch vulnerabilities post-incident and mitigate effects, there appears to be still a relative paucity of effective measures to proactively address the increasingly complex ransomware threats that have arisen recently. Aside from the debate of whether to pay or not to pay, there have also been increasingly strident calls for governments and industry to combine a strong defence while developing proactive policy, legislative and operational levers to address and mitigate the ransomware threat. At the same time, the intersection of government and business interests is an opportunity to enhance collaboration to better address and mitigate the effects of such attacks in future, including in information sharing, investigation, tracing of ransomware payments and where appropriate, the tracking down of the perpetrators.
This webinar will seek to discuss policy, legislative and operational options and avenues for public-private partnership that are available to – and which can be developed by – governments and industry to proactively deal with increasingly sophisticated ransomware threats.
Panellists include: Tom Millar (CISA), David Koh (CSA Singapore), Rachel Falk (CSCRC) and Stéphane Duguin (CyberPeace Institute).
Themes & Topics
What Future for International Cyber Capacity Building?
23 September 2021 from 14:00-15:30 CEST
Coinciding with the EUISS launching of the EU-funded report on international cyber capacity building trends and scenarios, the EUISS are holding an online event in order to share its findings and discuss its themes. The report “International Cyber Capacity Building: Global Trends and Scenarios” is a first of its kind EU-funded research product to enhance the evidence-base on international cyber capacity building.
The event might be of particular interest to the following stakeholders:
• International stakeholders engaged in cyber capacity building, notably the Global Forum on Cyber Expertise community, donors, partner and beneficiary countries and organisations, international organisations, civil society organisations, and CCB project implementers;
• Digital development stakeholders and programmes engaging in digital transformation cooperation where CCB could be a component or integrated as a cross-cutting issue;
• Relevant EU services and EU Delegations, Cyber Ambassadors of EU Member States, the High-Level Working Party on Cyber Issues, and EU CCB project implementers.
The event will consist of a presentation on the report by co-authors Robert Collett and Nayia Barmpaliou followed by a Debate among expert panellists, with time for Q&A.
The Octopus Conference, held every 12 to 18 months by the Council of Europe, constitutes one of the biggest and finest platforms of exchange in cybercrime gathering experts from 80 countries, international organisations, private sector and academia.
This year’s Octopus Conference will take place on 16-18 November providing an opportunity for cybercrime experts from public and private sectors as well as international and non-governmental organizations from all over the world to share experience.
- A special event with high level interventions will be organized on 16 November in cooperation with the Hungarian Chairmanship of the Committee of Ministers on the occasion of the 20th anniversary of the Budapest Convention and the 2nd additional Protocol on enhanced cooperation and disclosure of electronic evidence.
- On 17 and 18 November, multiple workshops will punctuate the day, including regional workshops (for Asia, Latin America, the Caribbean, the Pacific, Africa), “lightning talks” with interventions by participants, and other thematic sessions (Capacity building, Ransomware, AI...). A closing Plenary session will take a look at Octopus take-aways.
Singapore International Cyber Week (SICW) 2021
The sixth edition of SICW will take place from 4 to 8 October 2021, under the theme of “Living with COVID19 – Reimagining digital security risks and opportunities”. COVID-19 has accelerated digitalisation and resulted in a growing dependence on technology, but this has also increased our exposure to cyber attacks. While a handful of countries have started on the bumpy road to recovery, most are experiencing a resurgence in infections. Living with COVID-19 will be a prolonged reality that the global community has to come to terms with. As private and public stakeholders reposition themselves or recalibrate policies to promote digitalisation, what are the digital and cyber risks involved and how should we manage them? Amidst these risks, what are the new digital opportunities that did not exist pre-COVID-19? How can countries and organisations leverage these opportunities? These and many other questions will be tackled at SICW 2021.
Alongside the shift of business meetings towards a hybrid model, CSA will be organising SICW 2021 as a combination of inter-linked physical and virtual meetings that will allow key leaders from governments, industry, academia and non-government organisations to explore the future of cyberspace cooperation from a broader range of perspectives.
C3SA Webinar “Identifying cyber threats and risks in SSA”
Exposure to cyberspace comes with a lot of opportunities and many dangers. Very often, members of the public have challenges identifying the threatening and the risky situations they are exposed to. The aim of this webinar is to describe and explain the main and emerging threats and risks to the lives of individual members of the public, and to suggest ways to identify an attack or a risky situation. The webinar will discuss malware, social engineering, denial of services, and intrusions; with risks ranging from, cybercrime (Fraud, privacy infringements, defacement, and vandalism) cross-border cyber-criminality, cyberterrorism, and cyberwarfare.
Through the various speaker's interventions, the session will discuss and assess key questions around cyber threats, cyber surveillance and cybercrimes in SSA such as the following:
- What are the main cyber threats to general members of the public in SSA? (In different spaces e.g., individual community member, professional, and enjoying leisure)
- What are the main cyber threats to businesses in SSA? (e.g., On-site, and Remote work, trusted professional network, etc.)
- What is the state of cyber-surveillance, cyber espionage, cyberterrorism, and cyber warfare in SSA?
- What are the most frequent cybercrimes and their impacts on SSA people, economies and countries?
The event will take place online the 28th of September at 10:00-12:00 SAST.
Roundtable on Implementing Digital Transformation – A Case for Cyber Cooperation
The Department of International Relations and Cooperation of South Africa and the Ministry of Foreign Affairs of the Netherlands, in partnership with the Observer Research Foundation America and Research ICT Africa, are organizing a Roundtable on Implementing Digital Transformation - A Case for Cyber Cooperation on October 6 at 15:00-16:30 SAST.
This roundtable will focus on refining the understanding of the imperative of inclusive digital transformation and the concomitant security implications and risks of this transformation in Africa. Furthermore, to examine ways in which these concerns can be addressed, speakers will provide examples of initiatives related to SDG 16 and 17 (and other SDG targets) being undertaken in multilateral and multistakeholder cooperation frameworks, that are currently contributing to a more equitable, secure and stable cyberspace.
Kaspersky Security Analyst Summit
The Kaspersky Security Analyst Summit (SAS) is an annual event that attracts high-caliber anti-malware researchers, global law enforcement agencies and CERTs and senior executives from financial services, technology, healthcare, academia and government agencies.