Tuesday, 19 September 2017

"Moving Towards CyberResilience", BalCCon2k17

This year is my first time to the Balcan Computer Congress, known as BalCCon (BalCCon2k17) in Novi Sad, in Serbia. I have visited Serbia a few times for work and it is a pleasure to have the opportunity be back, attending this amazing conference and present a talk. 

BalCCon (@balcc0n) is a three-day conference with a great line-up of speakers, hackspace activities that include soldering and hardware hacking, retro gaming, workshops, and a pleasant atmosphere with a party-mood throughout the day. 

This year’s event is the 5th BalCCon2k17.  The conference opened on Friday 15/Sep/2017 by Jelena Georgijevic Krasojevic. She welcomed everyone and gave a small introduction about the event and its history. The event started at 14:00, which gave people enough time to fly to the country in the morning or make sure they had a really good night sleep if they arrived the previous night. 

If you haven't been to BalCCon, it is time for you to make plans for next year. The package includes, amazing talks, plenty activities for people to do, many workshops to attend, a friendly atmosphere, good food, and warm weather. 


The day started with Robert Simmons discussing “Advanced Threat Hunting” and went in depth with YARA rules and different tactics malware authors use to evade detection. An interesting story on hunting down the actual malware author(s) was shared and emphasised once more the point that cyber-criminals might get away at first, but, eventually our security experts will make sure they get caught due to an overwhelming number of reasons.  

The next talk by Nemanja Nikodijevic on “Bridging the air-gap” gave a nice introduction on different attack scenarios in a historical order. The introduction included mentioned to cottonmouth-I, Stuxnet, Brutal Kangaroo and a few more. The talk circulated around the threat vectors that rely on USB enabled devices and gave us an interesting website to look at (chongdiantou.com) when it comes to circuits inside power chargers. 

Moving forward into the day there was a split in the schedule. Vladan Nikolic and Benjamin Lafois presented a talk on “Pentesting Automated Voice Responders using Smart Cloud Services” in the Tesla Room, while in the Pupin Room, Radu started an IOT workshop (you should definitely visit his page). 

Vladan and Benjamin talked about IVR systems and DTMF codes, especially on systems being used by call-centres, such as those that need to be compliant with PCI DSS. I really loved their talk and I enjoyed listening about the work they put forward, trying to assess the system using asterisk (www.asterisk.org). 

My talk was in the Tesla Room, and it was all about “Moving Towards Cyber Resilience”. This was a spin-off of the talk I gave at IRISSCON 2016 - The 8th #IRISSCERT Cyber Crime Conference which is Ireland's first CERT (Computer Emergency Response Team) and it was also published at Tripwire

Given the opportunity and the specific audience in BalCCon, I tried to give to the talk the ethical hacker’s perspective, when it comes to cybersecurity and tried to educate the security professionals on how to communicate their technical work, concerns, suggestions and findings back to the business. The talk tried to familiarise the audience with the term Cyber Resilience, and how a holistic approach to information security problems today, will allow to better ourselves in most aspects of cybersecurity when it comes to safeguarding our companies, organisations and businesses, across the globe. The talk also touched upon the topic of cybersecurity budgets and on how cyber resilience can change the way the board thinks when it comes to cybersecurity and the overall costs involved. 

What information security professionals need to realize, is that Cyber Resilience is a term that goes beyond Business Continuity Plans (BCP) and Disaster Recovery (DR). Cyber Resilience needs to be understood and perceived as the broad holistic approach that is needed to address CyberSecurity challenges which include readiness, response, and recovery. Each industry has a broad ecosystem and we need to approach the challenges involved differently. In order to achieve this, a move towards Cyber Resilience demands the collaboration of the board, technologists, the involvement of third-parties, cybersecurity experts, while responsibilities, regulation and compliance issues have been clarified and tested. 

The talk included war-stories from the field, how cybersecurity is currently perceived, what is wrong with our current security culture, how we need to advance in order to move forward and in what way, we as an industry, must evolve, to be able to defend ourselves (the industries and organizations we represent) against emerging threats, as these will inevitably continue to counter-evolve against our defenses. 

It was a great pleasure to have a full room of people and thank you once again for all the positive feedback. I am glad that this talk gave food-for-thought and initiated many conversations on cybersecurity during the conference during the three days. 

I attended most of the talks, and workshops during the next two days. I had fun with soldering and I did an amazing training on industrial grade soldering! Yes, it worked and did not blew up! :)

The talks will be available online soon and I strongly recommend spending some time watching the videos. 

For those who do not know this, BalCCon has a Rakija workshop on Saturday night. Researching different types of Rakija is a challenging task, but very overwhelming for those who never had such experience before. Despite the number of different drinks available on that night, the chocolate Rakija won my heart, and I am looking forward to have more in the future!

No comments:

Post a Comment