Day 1

Sultanate of Oman - The Arab world’s regional cyber security centre

Viewpoint 1: National Cyber Security Policy

• Designing technology, legislative and regulatory frameworks
• Governance, effectiveness and efficiency

Viewpoint 2: Realising strengths and weaknesses

• Self-reliance through R&D
• Capacity building
• Compliance and law enforcement

Viewpoint 3: Achieving better international collaboration

• Regions should collaborate first
• Multilateral information sharing
• International cooperation

Viewpoint 1: Overview of what is known today

1. Tip of the iceberg. What we know and what we are worried about
2. Origination of attacks

Viewpoint 2: The iceberg effect

1. The reality of the situation is well hidden

Viewpoint 3: National strategies

1. Honeynets
2. Industry and institutions working together

Viewpoint 4: Regional and International collaboration

1. Sharing talent and knowledge is the only way to succeed
2. Live attack and incident data sharing

Speaker Information Badar Ali Al-Salehi

Director of Oman National CERT

Viewpoint 1: Do you really know where your data is stored?

• Impact of virtual border crossings
• Legally and illegal data access
• Secure transmit paths
• Encryption and backup

Viewpoint 2: Cloud-based security management

• Security and monitoring
• Viral and malware technology for mobile environments
• Enhanced mobile handshake between corporate and public environments
• Centralised data analysis solutions for cloud technology

Viewpoint 3: The next 5 years

Legal frameworks

Next generation encryption

Protected communication networks

Viewpoint 1: How much did you actually lose and do you really know how often it happens?

• Forget what you think you know. In reality you know about 10% of what is really happening.
• How easy is it to DDOS?
• Loss of trust from customers

Viewpoint 2: Impact of economic loss

• Data loss = $
• Access loss = $
• Brand damage = $

Viewpoint 3: How you can fight a typical DDOS attack

• Identifying genuine traffic
• Responsive and threat aware firewalls
• Security compliance and standardisation

Viewpoint 4: The future of DDOS protection

• Cloud-based CDN routing
• Human behaviour analysis
• Layer 7 attack protection
• ISP collaboration and DDOS mitigation

Viewpoint 1: Know your enemy and their goals

• Analyse, understand and secure
• Dormant intrusion which triggers later
• Know your weaknesses, the hackers do!
• Digital forensics

Viewpoint 2: Lost or stolen

• Fraud detection: Monitoring and protecting accounts
• Secure keys and secure payment
• Secure mobile payments. NFID

Viewpoint 3: The future of advanced analysis

• Memory forensics
• Real time network analysis
• Behavioural analytics

Viewpoint 1: What happens when you don’t accept the truth?

• Black outs and loss of business
• Incorrect actions and manipulation of processes
• Physical damage and loss of life

Viewpoint 2: Who is trying to attack you?

• Political motivations

Viewpoint 3: Smart grids and SCADA protection

• Secure smart grids
• Hybrid security, corporate and industrial strategies
• Human intelligence and training methodologies

Viewpoint 4: Today vs tomorrow’s prevention

Network protection

Roadmaps and technological advancements