EXPO 2020 Dubai - Connecting Minds, Creating the Future

EXPO 2020 Dubai (www.expo2020dubai.com) is a MEGA-event that was built from the ground up! 

Expo 2020 (Arabic: إكسبو 2020‎) is a World Expo to be hosted by Dubai in the United Arab Emirates. 

Expo 2020 was scheduled to open its doors in Oct/2020, but due to the pandemic it was postponed to 2021 (will be running for 6 months, from 1 October 2021 to 31 March 2022) while keeping its original brand name as "EXPO 2020 Dubai".

(See the wikipedia page for more information).

If you are already resident in the UAE you can seize a unique opportunity to volunteer for EXPO 2020. The Expo 2020 Volunteers Programme, like most of the world’s mega events, is at the heart of the first World Expo that will take place in MEASA (Middle East, Africa and South Asia) region.

Follow Expo 2020 on Twitter (@EXPO2020Dubai) to get the latest update and stay abreast of what is happening #PavilionsPremier #ExpoPavilionsPremiere #Expo2020 #Dubai #UAE

UAE IA Standards: Measuring Cyber Security Maturity

The UAE has become an emerging technology hub in a fast-evolving interconnected digital world while cyber-threats at a global scale are becoming far more complex, and increasingly inevitable.

The UAE has significant resources and is continuously raising the bar when it comes to innovation. At the same time, smart technologies, automation and technological advances make the region a particularly attractive target to threat actors. Effective cybersecurity strategies are moving from a standalone defensive approach to mandatory security programs representing the competitive advantage among whole organisations.

The UAE's federal body released the UAE Information Assurance (UAE IA) Standards on 25th June 2014, as part of the Cyber Security Framework, to manage the country's cyberspace.

Since the release of the UAE IA standard, the UAE and the globe, has seen a nearly exponential growth of cybersecurity landscape. The lates statistics from various sources depict an exponential growth of the cyber landscape while at the same time, offer trustworthy and actionable recommendations for thought-leaders and decision-makers.

Gulf Information Security Expo & Conference (GISEC 2019)

The Gulf Information Security Expo & Conference (GISEC) brings together over 6,000 top security professionals to discover cutting-edge solutions, share insights with industry experts and equip themselves with the right tools to protect their businesses from rapidly-evolving cyber attackers.

Supported by Smart Dubai, Dubai Police and the National Cyber Security Center KSA, GISEC is your opportunity to do business and share ideas with the world’s most important tech companies, government officials and private industries.

I was invited to go on stage and present at @GISECDUBAI at the #DarkStage, presenting on “CyberSecurity in Evolutionary Terms”.

#CyberDubai #GISEC #GISEC2019 #SmartDubai #SecurityMindset #ThoughtLeadership


See the GISEC 2019 - Post-show report can be found here

GISEC 2019 Speaker Profile: https://www.gisec.ae/conference-speakers/grigorios-fragkos

International Defence Conference, IDEX2019

The International Defence Exhibition & Conference, or IDEX, is a biennial Arms and Defence technology sales exhibition. The exhibition is the largest defence exhibition and conference in the Middle East and takes place in Abu Dhabi, United Arab Emirates.

As Cyber space is officially the 5th domain of operations, Cyber Defense is in everyone's agenda. 

This week I was at IDEX 2019, presenting & sharing expertise on how to tackle the challenge of ‘Measuring Cyber Security Maturity’ especially when it comes to protection entities that have a key role in the Critical National Infrastructure. 

Driving groundbreaking innovation in CyberSecurity required to be able to protect and defend the emerging new technologies and smart cities from evolving Cyber threats. 
#CNI #SmartCity #SmartDubai #CyberRisk #CyberDefense #CyberResilience #MENA #IDEX2019 @IDEX_UAE, Cyber Risk Exposure, #CyberDefense, #CyberResilience, #IDEX

Guest Speaker at the University of South Wales

Invited by USW Cyber Security Society and Information Security Research Group in University of South Wales to present my talk "A holistic view on Cyber Security in evolutionary terms (food-for-thought)". This is also part of our OWASP (OWASP London Chapter) initiative to reach out to Universities and share expert knowledge in the security and cybersecurity space. 

"Thank you very much for all your sharing today at USW. Just wanted to say you are such an inspiration to me and many others" Maria Peng Wang

See Talk Details --->

Guest Speaker at Cardiff University

Invited by Complex Systems Research Group in University of Cardiff to present my talk "A holistic view on Cyber Security in evolutionary terms (food-for-thought)". This is also part of our OWASP (OWASP London Chapter) initiative to reach out to Universities and share expert knowledge in the security and cybersecurity space.

Feedback:
"The talk was one of the most useful I have attended during my PhD because it is unusual to speak to someone who can relate between research and industry in cyber security. It was really encouraging and made me look forward to working in the space after my PhD" Matilda Rhode 

"Very Inspiring and a Great Talk" Irene Anthi

See Talk Details --->

Cyber Security Awareness Month 2018

October is known as Cyber Security Awareness Month and in the US it is commonly referred as National Cyber Security Awareness Month (NCSAM). This is a global initiative to raise awareness on emerging Cyber threats and best practices to defend against them, while educating the public and the private sector, on how to tackle cyber security challenges in a fast-evolving digital ecosystem.

‘Security’ is the enabler for evolving and scaling up in a secure manner, while minimising the risk of being affected at an irrecoverable level.

Cyber Security is promoted at an impressive rate during this month, with several awareness campaigns taking place. Typically, these campaigns focus on giving advice around having best-in-class practices when it comes to Cyber Security, sharing thoughts around exposure to unnecessary risk and try to communicate the benefits from having a Cyber Resilience strategy in place, while discussions around defence-in-depth tend to spawn recommendations around different products and services that might help an organisation’s security practice. 

To achieve this, during October several events take place to engage and educate the information security community, while focusing on sharing knowledge, lessons learned, and forward-looking ideas.

Boardroom Briefing on Cyber Risk Exposure, in M&A and deal-flow scenarios

To understand and simplify the current Cyber Risk exposure in Mergers and Acquisitions (M&A), this article focuses on explaining the inner workings and what is currently the state of affairs in the Cyber front, from a deal-flow perspective, while being structured as an informative boardroom briefing. 

"Understanding the Cyber related risks in M&A in this digital era, is an 'investment metric' for a successful decision-making process"

Before jumping into specifics, and to put things in the right context, consider for a moment that every business entity is more or less similar to an alive ecosystem; that is composed of people, services, synergies, cooperation, products, ideas, technologies, dependencies, and advances on different fronts. Effectively, as business entities evolve, by adapting the digital model of operations, the nature of their risk exposure equally evolves due to the numerous emerging Cyber-threats. 

ISSA UK meet on board the HQS Wellington

This week we had an amazing event with @issauk. The meet took place on-board the @HQSWellington #HQSWellington #InfoSec #CyberSecurity #CyberDefense #CyberDecence 

ISSA-UK, isthe UK Chapter of the ISSA. With active participation from individuals and chapters all over the world, the Information Systems Security Association (ISSA) is the largest international, not-for-profit association specifically for information security professionals. Having welcomed over 1,800 members since our beginnings in 2003, the ISSA-UK Chapter is the world’s most successful chapter. 

Cyber Europe 2018 by ENISA (EU Agency for Network and Information Security)

The EU Agency for Network and Information Security (ENISA) manages the programme of pan-European exercises known as Cyber Europe #CE2018. 

The Cyber Europe exercises are simulations of large-scale cybersecurity incidents that escalate to become Cyber crises. 

I am part of ENISA's approved NIS Experts*, where I have both designed and reviewed different Cyber incidents/exercises for the pan-European Cyber Europe exercise, I wanted to share with you the opportunity to get to know more about this very important bi-annual European initiative. This year is the 5th pan European Cyber crisis exercise.

The scenario

• Cyber Europe 2018 planners developed a scenario revolving around Aviation which can include, Civil Aviation Authorities, Air Navigation Service Providers (ANSPs), Airport Companies, Air Carriers, with potential impacts in other sector.
• The scenario will contain real life inspired technical incidents to analyse, from forensic and malware analysis, open source intelligence, and of course non-technical incidents.
• The incidents will build up into a crisis at all levels: local, organization, national, European. Business continuity plans and Crisis management procedures will be put at test

The exercise is organised for IT security, business continuity and crisis management teams coming from EU and EFTA Member States only.


More: https://www.enisa.europa.eu/topics/cyber-exercises/cyber-europe-programme 

*NOTE: The CEI List of Experts is a tool used solely for the purposes of assessing and identifying suitable external experts for a potential future contractual working relationship with ENISA. It is emphasised that inclusion in the list does NOT mean that you are considered to be an official representative of ENISA or in any way entitled to represent the Agency.

UK Minister for Digital on CyberSecurity..

Britain’s most critical industries are being warned to boost cyber security or face hefty fines, as the government acts to protect essential services from cyber attacks.

"We want our essential services and infrastructure to be primed and ready to tackle cyber-attacks and be resilient against major disruption to services," said the current Minister for Digital, Margot James.

In August last year, it was mentioned by the former Minister of Digital Matt Hancock, that a new government directive is being considered, that will allow regulators to inspect the Cyber Security status of companies.
More specifically, it was said that companies in the Energy, Transport, Water and Health sectors, are expected to have "the most robust safeguards".

Will "GDPR Extortion" become the new "trend" in cybercrime?

Even though this is not an "official" term that is being used (well, at least not yet), it does describe the concern I am trying to explain to people at different occasions. I often discuss GDPR from the security perspective, and the conversations most of the time end up focusing at the implications of the regulation and the "next day". 

This is when I end up trying to describe the potential scenario of "GDPR Extortion", as I always like to see things through different lenses when it comes to forward-thinking in Information Security and CyberSecurity. 

By saying "GDPR Extortion" I tend to mean something similar to "DDoS Extortion", and it is easier to give an example to people in order to explain this type of potentially evolving threat. 

"Moving Towards CyberResilience", BalCCon2k17

This year is my first time to the Balcan Computer Congress, known as BalCCon (BalCCon2k17) in Novi Sad, in Serbia. I have visited Serbia a few times for work and it is a pleasure to have the opportunity be back, attending this amazing conference and present a talk. 

BalCCon (@balcc0n) is a three-day conference with a great line-up of speakers, hackspace activities that include soldering and hardware hacking, retro gaming, workshops, and a pleasant atmosphere with a party-mood throughout the day. 

This year’s event is the 5th BalCCon2k17.  The conference opened on Friday 15/Sep/2017 by Jelena Georgijevic Krasojevic. She welcomed everyone and gave a small introduction about the event and its history. The event started at 14:00, which gave people enough time to fly to the country in the morning or make sure they had a really good night sleep if they arrived the previous night. 

If you haven't been to BalCCon, it is time for you to make plans for next year. The package includes, amazing talks, plenty activities for people to do, many workshops to attend, a friendly atmosphere, good food, and warm weather. 

IRISSCON 2016 - 8th IRISSCERT Cyber Crime Conference

IRISSCON 2016 - The 8th #IRISSCERT Cyber Crime Conference
Ireland's first CERT (Computer Emergency Response Team)

This year, my talk was all about Cyber Resilience. The talk provided the opportunity to participants to familiarise and understand what the term really means, and why it should not be considered as another buzzword used in the industry.  

"Threats constantly evolve based on the way our defences counter-evolve, and this cycle is something that is going to happen no matter what. What matters the most, is in what way we act upon, and how our decisions need to be part of a bigger forward looking strategy that does not treat security in an ad-hoc manner, especially when it is too late"

IRISSCON 2016 - IRISSCERT

The 8th IRISSCERT Cyber Crime Conference will be held this year on Thursday the 24th of November 2016 in the Ballsbridge, Pembroke Road, Dublin. www.iriss.ie 

This all day conference, focuses on providing attendees with an overview of the current cyber-threats throughout the world and focuses especially on threats that affect businesses in Ireland, and what should be the best course of action when it comes to defending against these threats. You can find my recap blog post for last year's event here.

Like every year, professionals that work in cybersecurity and tackle cybercrime / cyber threats on a daily basis, will be sharing their thoughts and experiences, while attendees have a unique opportunity to ask questions,discuss cybersecurity strategies, and most importantly will meet and network with likeminded individuals allowing them to share their views and opinions.

I am honoured to be invited to speak at this event and get to share my thoughts and views on cybersecurity and most importantly, on cyber resilience, which is also reflected by my talk's title: "All aboard, next stop; Cyber Resilience". 

The abstract for my talk can be found below and I do hope you find it interesting. If you find yourselves in Dublin during the conference, I strongly suggest getting a ticket on time and join us at IRISSCON, and please come and say hi. It is always a pleasure to meet people who are passionate about information security and cybersecurity, and want to discuss/share their thoughts and opinions. Looking forwards to seeing you all there.

Towards a Cyber Resilience strategy (Cyber Security Awareness Month – Oct 2016)

As most of you already know, October is Cyber Security awareness month. The aim of the Cyber Security awareness month is to raise awareness across the international community about cyber threats, discuss best practices, and educate the public and private sector, on how to stay safe online.

Cyber Security is promoted extensively during this month and many events are being organized with the sole purpose to engage and educate public and private sector entities, while provide them with the necessary tools and resource to stay safe when connected online. Given the opportunity let’s talk about the UK’s Cyber Security Clusters and how you could get to engage, participate, network and most importantly ask any questions that you currently have regarding your organizations cyber security posture and staying safe online.