Fifth Annual Cyber Security Week an unprecedented success

The Fifth Annual Cyber Security Week (CSW _2012) which kicked off on 21 November was an unprecedented success. The multi-faceted week’s program was organised by the subsidiary of the ICT Agency of Sri Lanka (ICTA), the Sri Lanka Computer Emergency Readiness Team | Coordination Centre and ICTA.

With the increased use of electronic services ranging from online banking to Government service provisioning, the threat of cyber attacks has increased dramatically. Knowing how to protect oneself online and how to respond to security breaches is essential in an ICT-enabled society.

With this in mind, the CSW_2012 Program consisting of five events was designed with the aim of raising awareness of the importance of cyber security in the present day. The target groups were ICT professionals, students and security enthusiasts in the country, and the objective was to update their knowledge of emerging threats, countermeasures and technologies.

“Cyber attacks are becoming increasingly sophisticated and targeted,” said Anand Naik, Managing Director – Sales, India & SAARC, Symantec. “Symantec is committed to raising greater public awareness about cyber security challenges that developing economies face. It is pleased to be part of the CERT initiatives to create a strong cyber safety culture in Sri Lanka.”

The first event was the ‘Hacking Challenge 2012,’ which was conducted at Hotel Renuka on 21 November. This year’s challenge was attended by 10 three-member teams from various corporate organisations.

As part of the exercise these were required to complete a series of hacking tasks, ranging from compromising a database to guessing a password. The idea was to encourage security administrators to think about how their own organisations’ systems could be compromised by a hacker and to take necessary countermeasures. This year’s winner was ‘Team Vendetta’ from eCyberSec Private Limited.

The second event, which was conducted at Hotel Renuka on 30 November was the ‘Information Security Quiz 2012,’ which was exclusively for students from tertiary education institutions. Eighteen teams from around the country competed through eight rounds of questions in this closely contested event, with the team from IDM Premier winning first place.

The quiz tested the participants’ knowledge on various information security such as physical security, legal requirements for security, cryptography and access control. It was encouraging to note the increase in participation compared to last year.

The flagship event, the Fifth Annual National Conference on Cyber Security was held on Wednesday, 5 December at Hotel Taj Samudra. Defence Secretary Gotabaya Rajapaksa delivered the keynote address as Chief Guest to the avid participants who totalled about 200.

The Chief Guest stressed the importance of forming strategies and implementing them in a coordinated manner to protect the nation’s cyber space from both internal and external threats. The keynote address was followed by presentations, the majority of which were delivered by overseas security experts.

Among the topics they delved into were the following: The importance of a national authentication framework, outbound security for web and cloud services, advanced persistent threat prevention, and secure software development. The conference was followed by a networking session and awards ceremony.

Telecommunications and IT Minister Ranjith Siyambalapitiya presented the winners of the Hacking Challenge and the Information Security Quiz their respective prizes and trophies.

Two technical workshops on OWASP Enterprise Security API and Practical Application Security Testing were conducted on 6 and 7 December, respectively by OWASP Singapore Chapter President Wong Onn Chee and ISC Application Security Advisory Board member IDM Corporate Training Division Laurie’s Place Singapore. Both these workshops were of immense benefit to web application developers who were keen on developing secure applications and testing the strength of applications.

CSW_2012 was generously supported by the Main Program Sponsors Symantec Software Solutions and Checkpoint Software Technologies, Strategic Partner the Telecommunications Regulatory Commission of Sri Lanka, and Electronic Media Partner Vanguard Management Services Private Limited. The hacking challenge was sponsored by Informatics Private Limited.

The Information Security Quiz and Workshop on Practical Application Security Testing was sponsored by the International Information Systems Security Certification Consortium. The workshop on OWASP ESAPI was sponsored by Mobitel Private Limited and the Silver Sponsor for the Conference was HP Enterprise Security.