GISEC AGENDA

MAIN STAGE
CONFERENCE ROUNDTABLESCRITICAL INFRASTRUCTUREDARK STAGEDEFENCEFINANCEGISEC CYBERSTARSGLOBAL CYBERSECURITY CONGRESS HOSTED BY UAE CYBERSECURITY COUNCILGOVERNMENT STAGE HOSTED BY DESCHACK 360INSPIRE [WOMEN IN CYBERSECURITY]MENTORSHIP LABSPublic Cyber AwarenessXLABS

10:30 – 10:30

DARK STAGE Moderator Remarks DARK STAGE

Speakers

Big Hass Radio Host Pulse 95 FM UAE

10:30 – 10:50

DARK STAGE Exploit research of World's Largest Coffeehouse Chain DARK STAGE One thing is enjoying eating and drinking coffee and the other is actually hacking these retails stores. This sssion takes us into a deep dive into how Walid found the RCE, what kind of research was involved, what kind of tools aided in that, how does the Oracle retail system work and how the exploit was developed.

Speakers

Walid Faour Penetration Testing Lead Alshaya Group United Arab Emirates

10:50 – 11:10

DARK STAGE Crypto Heist through Web2 DARK STAGE Let''s explore two critical web2 vulnerabilities that could lead to transfer of funds in crypto wallets. This 20-minute talk aims to raise awareness and provide insights to fortify your web32 solution against web2 attacks.

Speakers

Dimitris Pallis Ethical Hacker Greece

11:10 – 11:30

DARK STAGE A Look into the Future: The Role of AI in Cybersecurity Operations DARK STAGE AI is revolutionizing cybersecurity, empowering defenders while posing new risks in the hands of attackers. Join cybersecurity expert Paula Januszkiewicz to explore AI's dual role, from enhancing threat detection to automating hacking techniques. Learn about evolving threats like phishing attacks and biometric manipulation, and prepare for the challenges ahead.

Speakers

Paula Januszkiewicz Founder & CEO CQURE Poland

11:30 – 11:30

DARK STAGE Starship Secrets of the Modern Security Program DARK STAGE In the age of uncountable security offerings from vendors and consultants, what essentials actually matter? At the end of the day, risk reduction for compliance''s sake should not simply be a series of boxes to check; dealing with the underlying root causes of security issues will inevitably lead you to the Promised Land. In this talk, we will bypass the mountains of snake oil in the security industry and focus on the absolute prerequisites of a successful security apparatus.

Speakers

Bryce Case Jr Hacker, Rapper, Entrepreneur, USA

11:50 – 12:10

DARK STAGE Drip, Drip, Drop: Confronting Data Attacks in ICS/OT systems DARK STAGE Environments that leverage Industrial Control Systems (ICS) or Operational Technology (OT) infrastructure are not impervious to data attacks or breaches that contaminate data sources. In industrial systems, system and data integrity are inherently connected to process safety, with the potential to impact human life and the environment directly. Therefore, within the industry, this aspect holds a top-tier priority. This talk will cover various data sources and attacks on data, including data sources used for AI/ML processing. The focus will be on how to confront and mitigate these data attacks in ICS/OT environments.

Speakers

Michael Hoffman SANS Certified instructor SANS Institute

12:10 – 12:30

DARK STAGE Cyber Resilience in the Cloud: A Live Ethical Cloud Attack DARK STAGE As we’ve shifted to the cloud, we’ve exposed ourselves to new security risks that can’t be ignored. Join Hardeep Singh, Pentera Sr. Security Engineer, as he demonstrates a live ethical attack on the Cloud. Learn how Automated Security Validation removes assumptions and ensures cyber resilience across your entire attack surface, including the Cloud.

Speakers

Hardeep Singh Senior Security Architect Pentera UAE

12:30 – 13:00

DARK STAGE The Dark Side of AI - How Hackers use AI & Deepfakes DARK STAGE Mark will take you on a journey to the Dark side of AI. More than 90 % of cyber attacks are caused by human error and AI changes the nature of attacks. How do cybercriminals use Chat GPT, Worm GPT and Deepfakes? What should we do to protect ourselves? Can we use AI to fight back? Mark has met and anonymously interviewed hackers to understand the inside perspective. Get an exciting and rare insight into the Dark Side of AI.

Speakers

Mark T. Hofmann International Profiling-Expert Germany

13:00 – 13:20

DARK STAGE Artificial Intelligence (AI) for C4ISR - Power of Context DARK STAGE Resecurity implements Artificial Intelligence to empower military intelligence and defense agencies with unparalleled insights into emerging threats and security challenges using advanced analytics.

Resecurity''s implementation of artificial intelligence for C4ISR represents a significant leap forward in the field of national security. With Context AI, defense agencies have access to a powerful tool that not only enhances operational effectiveness and cost efficiency but also addresses the inherent challenges associated with AI-generated intelligence.

Speakers

Ahmad Halabi Managing Director Resecurity UAE

13:20 – 13:40

DARK STAGE Critical Infrastructure when physical risk becomes virtual DARK STAGE Physical access remains the number 1 risk for Critical Infrastructure today. The session aims to delve deeper into how accidental insider becomes the pawn of the threat actor to compromise the CI capability through methods like deep fake.

Speakers

Stevo Cvetkovic Managing Director ITSec Australia

13:40 – 14:00

DARK STAGE Defending Your Cloud: Practical Insights from Nation-State Attacks & AI-Powered Security DARK STAGE Dive into the principles of layered cloud security, drawing insights from real-world nation-state attacks. Discover how generative AI can enhance threat detection and response. Witness practical demonstrations of effective ransomware mitigation techniques.

Speakers

Thomas Philip Maurer Head of Security & Compliance Middle East, Turkey, Africa, Google, UAE

14:00 – 14:20

DARK STAGE Meta Bug Bounty Program - Researcher’s Side DARK STAGE In this talk, we will delve into the Meta Bug Bounty program and demonstrate live hacking scenarios. Attendees will gain insights into Meta API requests (specifically Facebook GraphQL) and witness live demonstrations and scenarios using the Facebook mobile and web application.

Speakers

Bassem Bazzoun Security Researcher Meta Lebanon

14:20 – 14:40

DARK STAGE Mobile phishing in action! DARK STAGE In 2023, modern attacks directly targeting mobile phones or cloud services were detected in almost 71% of data leaks. These attacks are highly effective because they only use legitimate tools (MFA, O365, Google, etc.) and target users directly, without any malicious payload. We're going to look at these threats, which are real but very difficult to detect, and explain how mobile phishing kits are created, with an accurate demo. authentication protection.

Speakers

Bastien Bobe Field CTO Lookout

14:40 – 15:00

DARK STAGE Cyber Mirage: How Artificial Intelligence is Shaping the Future of Social Engineering DARK STAGE AI''s emergence has reshaped social engineering, spawning AI-powered threats. In a recent case in Hong Kong, scammers used deepfake and voice-cloning tech to steal $25 million. This talk showcases AI''s ability to create convincing deepfakes and voice clones, emphasizing the need for robust defense mechanisms against these evolving threats.

Speakers

Brandon Kovacs Senior Red Team Operator US

15:00 – 15:20

DARK STAGE Bytes and Knights: Armoring Up in the Age of Hack Attacks DARK STAGE An exhilarating session where bytes meet knights in the ongoing battle against hack attacks. Arm yourself with knowledge, resilience, and the tools needed to defend against the ever-present digital adversaries. We will delve into top attack techniques used by hackers to gain access to sensitive information and resources. Our knights will demonstrate real-world exploits, showcasing the critical security flaws that every organization and user must be aware of, and help you choose the right set of solutions to fortify your defenses.

Speakers

Anirban Mukherji Founder & CEO miniOrange India

Pratish Ray Head of IDP Technology & Principle Software Engineer miniOrange India

15:20 – 15:40

DARK STAGE Phishing-as-a-Service: Unmasking the New Financial Cyber Threat DARK STAGE As cyber threats continue to evolve, a concerning trend has emerged – the rise of "Phishing-as-a-Service" (PaaS). This session delves into the intricacies of this new financial cyber threat, exploring how threat actors are leveraging sophisticated services to conduct targeted phishing campaigns. Attendees will gain insights into the mechanics of PaaS, its impact on financial institutions, and effective strategies to counteract this growing menace.

Speakers

Dr. Deepak Kumar Sr. Cyber Intelligence & Digital Forensics Expert India

15:40 – 16:00

DARK STAGE If I don't know you, how can I trust you? DARK STAGE Let's talk about identity, governance, and what it means to "trust" in a dangerous zero-trust world. In this talk you'll learn the common threats, the challenges of protecting against them, and how to keep your digital doors locked tight.

Speakers

Rami Kayyali Chief Technology Officer & Regional Director The Kernel

16:00 – 17:00

DARK STAGE Ask the Hackers - First time @GISEC Dark Stage DARK STAGE Have you wondered what is on the mind of a hacker while they conduct a cyber-attack? Are you curious to know what motivates these hackers, what are the strategies they use? In this session, some of world’s top ethical hackers will answer everything you''ve ever wanted to know. Come ready with your questions and ask these hackers yourself and decode some exciting stories of their journey, learn their strategies, take a sneak peek into a hacker’s life.

Moderator

Big Hass Master of all Things Cool UAE

Speakers

Bryce Case Jr Hacker, Rapper, Entrepreneur, USA

Dimitris Pallis Ethical Hacker Greece

Dhruv Bisani Head of Red/Purple Team Starling Bank UK

Brandon Kovacs Senior Red Team Operator US

Judy Ngure Advisory Board Member CyberSafe Foundation Kenya

17:00 – 17:00

DARK STAGE Close DARK STAGE

10:30 – 10:30

DARK STAGE MC Remarks DARK STAGE

Moderator

Big Hass Master of all Things Cool UAE

10:30 – 10:50

DARK STAGE Hidden in Plain Sight: Exploiting Legitimate Services to Evade Email Security DARK STAGE In cybersecurity, phishing attacks persist despite advanced defenses like SPF and DMARC. Join us to learn how attackers exploit legitimate services to bypass email security, with real-world examples and strategies to mitigate risks.

Speakers

Dhruv Bisani Head of Red/Purple Team Starling Bank UK

10:50 – 11:10

DARK STAGE Unlock Secrets of the Dark Web with a Former US Secret Service Agent DARK STAGE You’ve heard the stories, read the news articles, and seen the movies. The shadowy underground economy, the enigmatic deep and dark web, and the mysterious figures who operate online are only known by their aliases. But how often do you have the chance to hear from a former US Secret Service Agent? An Agent who delved deep into the underbelly, becoming a player in the clandestine world of the underground economy. Now is your chance to hear how pivotal intelligence is and how using intelligence helped bring focus to an operation. The delicate art of moving from a digital online world into the physical realm. Learn how international operations peeled back the layers that hide the identity of illegal online operators. It's time to uncover the truth behind the veiled world of cyber intrigue.

Speakers

Richard K. LaTulip Field Chief Information Security Officer Recorded Future US

11:10 – 11:30

DARK STAGE Unlocking the Maze: A Simple tale of navigating the Identity Access Management and Governance Puzzle DARK STAGE

Speakers

Prasanth Prasad Spire Solutions UAE

11:30 – 11:50

DARK STAGE I Can Steal Your Sh1t DARK STAGE Most people switch off when someone starts talking about cyber security. In the time it takes you to read this synopsis, two small businesses will be successfully hacked in the UK. And yet, you still probably won’t do anything about it, because where do you even begin? If you dare to join the audience, Paul will steal your information in front of your eyes – and then he will point you in the right direction to do something about it.

Speakers

Paul Newton Mind Reader, Hypnotist, and Magician MentalTheft UK

11:50 – 12:10

DARK STAGE Fortifying Defenses Against AI-Powered Cyber Threats: Embracing Zero Trust Protection Strategies DARK STAGE As AI-driven cyber threats surge, this session explores the evolving landscape of attacks, emphasizing the need for robust defenses. From initial incursion to exfiltration, we delve into pivotal intervention moments and discuss zero trust strategies, resilient architectures, and more. Join to navigate the cybersecurity battlefield in the age of AI.

Speakers

Bahi Hour Sr. Director of Solution Engineering Xage Security, Inc. US

12:10 – 12:30

DARK STAGE AI powered Email Security DARK STAGE In an era where digital threats evolve with alarming speed, traditional cybersecurity measures often find themselves outpaced by sophisticated phishing schemes. Anxinsec, presents a compelling narrative on the role AI plays in identifying and neutralizing phishing emails and showcases how AI powered solutions can offer a formidable counter measure. The presentation will also address the challenges and ethical considerations inherent in deploying AI for security purposes. Questions around data privacy, the potential for false positives, and the ethical use of AI in monitoring communications are examined, offering a holistic view of the technological and moral landscape.

Speakers

Himesh Madhusoodanan Director of Products and Technology Anxinsec UAE

12:30 – 12:00

DARK STAGE Unleashing Generative AI 'demon' DARK STAGE Delve into the unsettling realm of AI-generated art. This session explores the darker facets of AI creativity, including the uncanny valley effect, intentionally disturbing creations, and the ethical implications therein. Uncover AI''s potential to manipulate appearances, inviting reflection on the consequences and ethical considerations surrounding disturbing AI art.

Speakers

Minh Hieu Ngo Reformed fraudster who single handedly stole personal data of 200 million U.S. citizens Vietnam

13:00 – 13:20

DARK STAGE Defending AI Attack Surface with Crowdsourced Testing DARK STAGE Crowdsourcing brings up to hundreds of fresh eyes to risk reduction tasks, counterbalancing the massive number of threat actors inspecting the attack surface. It also provides access to virtually any skill set, augmenting security teams on demand for red teaming, pen testing, bug bounty engagements, and vulnerability disclosure programs. This session offers an overview of the emergent AI Attack Surface, and why crowdsourcing is the right solution at the right time for AI Safety.

Speakers

Kevin Kersley Client Director - Middle East and Africa BUGCROWD Australia

13:20 – 13:40

DARK STAGE How profoundly do you investigate hackers network infrastructure? DARK STAGE One part of the threat intelligence process is investigating the hackers network infrastructure. The data that you will receive after this process depends on the sources and methods you use. We are used to seeing that the hackers network infrastructure consists of IP addresses, domains, and URLs. It looks like the general ingredients for IOC feeds, and they usually appear after reactive investigations. But there is more. For example, hackers are able to use popular public services such as clouds, messengers, and code storage as a control server for their malware. From one side, there is no opportunity to add these services as IOCs to your feed because they will generate false alarms. On the other hand, it gives additional context for threat intelligence to establish all aspects of an attack. In my presentation, I am going to talk about proactive detection of the hackers network infrastructure and how to use the disadvantages of using public services by hackers.

Speakers

Denis Kuvshinov Head of Threat Intelligence Positive Technologies Russia

13:40 – 14:00

DARK STAGE Weaponising AI for Cyber Attacks & Offensive Operations DARK STAGE Exploring how Generative AI is now being incorporated into Cyber Attack to decrease the level of effort and sophistication required from threat actors to compromise systems and payment services. How easy is it for us to replicate these attacks to steal Gold; Print money or disrupt the global economy? How can we incorporate Generative AI into Offensive Operations for a threat driven defence.

Speakers

Manit Sahib Offensive Security Lead Global Fund, United Nations UK

14:00 – 14:20

DARK STAGE Weaponizing Intel for Offensive Operations DARK STAGE Intelligence analysis has been the core foundation of protecting countries, nation-states' interests, military, governments and different organizations. Following the famous proverb "The best defence is a good offence", this talk will cover, through case studies, how a Red Team can leverage threat intelligence to lead and win Adversary Simulation Operations to counter the bad guys before they get in.

Speakers

Saurabh Harit Practice Lead, Red Team Google FZ LLC UAE

Hatem Mohamed Senior Red Team Consultant Google FZ LLC UAE

14:20 – 14:40

DARK STAGE The Rise of Hacktivism During Tension DARK STAGE Join Group-IB for a compelling exploration of "The Rise of Hacktivism During Tension," as we delve into the intersection of cyber activism and societal unrest. Against the backdrop of escalating global tensions, this session offers a unique perspective on the evolving landscape of hacktivism and its implications for cybersecurity and geopolitics.

Speakers

Ivan Pisarev Head of Threat Intelligence MEA, Group IB

14:40 – 15:00

DARK STAGE Financial Application Security: Detecting and Preventing IDOR Attacks DARK STAGE

Speakers

Ilkin Javadov Senior Penetration Tester & Ethical Hacker Azerbaijan

15:00 – 15:20

DARK STAGE THINK YOU CAN’T GET PHISHED? THINK AGAIN… DARK STAGE Many presentations TALK about hacking and compromise, but how many of them actually DEMONSTRATE one? This one does. This will show attendees how simple such an endeavour can be, and more importantly, how easy it is to fall victim to one. In this talk we will first dissect an actual phishing attempt. We will then view it LIVE from the hacker side of the computer!

Speakers

Kevin James Ripa Senior instructor SANS Institute

15:20 – 15:40

DARK STAGE SDR Hacking of Radiowaves: Risks and Mitigation Strategies DARK STAGE Software-defined radio (SDR) technology has revolutionized the way we interact with wireless communication systems. However, this technology has also opened up new avenues for hackers to exploit vulnerabilities in radio systems. In this presentation, we will explore the risks associated with SDR hacking of radiowaves, including eavesdropping, payload extraction and replay attacks. We will also discuss the various mitigation strategies that can be employed to protect against these attacks, including encryption and signal modulation techniques. By the end of this presentation, you will have a better understanding of the potential risks associated with SDR hacking of radiowaves, and the steps you can take to protect your wireless communication systems.

Speakers

Ivan Glinkin Cyber Team Deloitte ME UAE

Kirill Bureev Cyber Team Deloitte ME UAE

15:40 – 16:00

DARK STAGE The Artistry of Account Hijacking and the Ballet of Bank OTP Bypass Scams DARK STAGE High-stakes exploration of authentication bypass, where live demonstrations reveal vulnerabilities in active websites. Witness potential consequences – from data breaches to privacy violations – and gain actionable insights into resilient mitigations. Join for practical solutions and a firsthand look at the dynamic authentication security landscape.

Speakers

Sankarraj Subramanian Cybersecurity Expert India

16:00 – 17:00

Moderator

Big Hass Master of all Things Cool UAE

Speakers

Alina Tan Ethical Hacker Singapore

Minh Hieu Ngo Reformed fraudster who single handedly stole personal data of 200 million U.S. citizens Vietnam

Sankarraj Subramanian Cybersecurity Expert India

David Colombo Tesla Hacker Germany

17:00 – 17:00

DARK STAGE Close DARK STAGE

10:30 – 10:30

INSPIRE [WOMEN IN CYBERSECURITY] MC Remarks DARK STAGE

Speakers

Big Hass Radio Host Pulse 95 FM UAE

10:30 – 10:50

INSPIRE [WOMEN IN CYBERSECURITY] TED Talk Movie Style session DARK STAGE Decrypt or Destruction? Staring into the heart of a ransomware incident

Embark into the heart of a ransomware incident. Uncover the strategies employed by the cyber criminal group, and witness the customer''s response to this digital threat. The pivotal question awaits: Would the outcome remain unchanged with the incorporation of AI? Join us in uncovering the untold possibilities, just bring the popcorn along!

Speakers

Katerina Tasiopoulou CEO Exelasis United Kingdom

10:50 – 11:10

INSPIRE [WOMEN IN CYBERSECURITY] Analysis of an in-vehicular network from the perspective of a test bench DARK STAGE Car manufacturers redefine driving experiences with Connected Vehicles, integrating extensive features for communication with external devices and wireless infrastructure. Alina discusses building a prototype test bench for vehicle CAN bus testing, introducing new protocols and explaining vehicle architecture, features, vulnerabilities, and learning points with challenges.

Speakers

Alina Tan Ethical Hacker Singapore

11:10 – 11:30

INSPIRE [WOMEN IN CYBERSECURITY] Open Banking scares customers, but they still want what APIs can deliver DARK STAGE This exciting session covers fintech asset protection, API and Open Banking security, blockchain security, secure payment technologies, and cyber attack case studies.

Speakers

Judy Ngure Advisory Board Member CyberSafe Foundation Kenya

11:30 – 11:50

INSPIRE [WOMEN IN CYBERSECURITY] Security Professional or Easy Target? DARK STAGE Security professionals constantly seek the latest threats, breaches, and defenses across all industries, but this pursuit raises concerns about divulging too much information. Join Valerie for insights and strategies to safeguard against unnecessary risks.

Speakers

Valerie Thomas Independent Cybersecurity Consultant US

11:50 – 12:20

INSPIRE [WOMEN IN CYBERSECURITY] Ask the Hacker - First time @GISEC Inspire Stage DARK STAGE Have you wondered what is on the mind of a hacker while they conduct a cyber-attack? Are you curious to know what motivates these hackers, what are the strategies they use? In this session, some of world’s top ethical hackers will answer everything you've ever wanted to know. Come ready with your questions and ask these hackers yourself and decode some exciting stories of their journey, learn their strategies, take a sneak peek into a hacker’s life.

Moderator

Big Hass Master of all Things Cool UAE

Speakers

Judy Ngure Advisory Board Member CyberSafe Foundation Kenya

Valerie Thomas Independent Cybersecurity Consultant US

Alina Tan Ethical Hacker Singapore

12:20 – 12:50

DARK STAGE Panel Discussion: Women & Cybersecurity: Redefining Risk and Representation DARK STAGE The International Telecommunication Union (ITU) presents a thought-provoking session highlighting the unique challenges faced by women in cybersecurity. The session will explore the dual vulnerability and underrepresentation of women in the field, and delve into the disproportionate impact of online risks, while uncovering the persistent barriers hindering women's participation. The session will showcase current global and regional initiatives aimed at skilling women in the cyber workforce, featuring initiatives from the ITU and Women in Cybersecurity Middle East.

Moderator

Heide Young Founding Partner & Board Member Women in Cyber Security Middle East (WiCSME)

Speakers

Yasmine Idrissi Azzouzi Cybersecurity Programme Officer ITU Switzerland

Dr. Reem AlShammari CyberSecurity and Technology Thought Leader Energy Sector Kuwait

Alya Al-Saadi Cybercrime Programme Coordinator INTERPOL

12:50 – 13:05

INSPIRE [WOMEN IN CYBERSECURITY] Empowering the workforce: DCIPark CISO Executive Program DARK STAGE

Speakers

Moaza Majed Project Manager DESC - Dubai Cyber Innovation Park (DCIPark)

13:05 – 13:20

INSPIRE [WOMEN IN CYBERSECURITY] Navigating the New Era of Cyber Threats: Leveraging AI for Enhanced Cybersecurity DARK STAGE Discover how AI revolutionizes cybersecurity in this session as we explore AI's role in proactive threat detection and response, equipping organizations to thrive in today's dynamic threat landscape.

Speakers

Dr. Hoda A.Alkhzaimi Co-Chair for Global Future Council for Cybersecurity UAE