Invited Speakers

The invited and guest speakers are those who have been invited as keynote and industry speakers respectively. Keynote speakers are reputable speakers who are experts in their field of practice. Industry speakers talk about local and international trends in information security products, methodologies and management issues. ISSA aims to balance talks from industry and academia, and keynote and invited speakers therefore play a key role in striking that balance. The keynote and invited speakers are listed below in no particular order:

Guest Speaker: Sizwe Lindelo Snail ka Mtuze

Affiliation: Snail Attorneys @ Law Incorporated

Topic:  Cyber Crime and Security law - with an emphasis on Cyber Terrorism

Abstract: Cyber Crime and Cyber security are contemporary problems around the world and it has become clear that the internet and social-media have become viable platforms for cyber terrorist activities. This article seeks to examine Cyber Crime and Cyber Security legislation in Africa with an emphasis on Cyber Terrorism with focus on South Africa with reference to International best practice with particular reference to the Budapest Convention on Cyber Crimes by the Council of Europe and subsequent protocols.

Guest Speaker: Craig Rosewarne

Affiliation: Wolfpack Information Risk (Pty) Ltd

Topic: South African national cyber security challenges & initiatives

Abstract: Wolfpack have a number of national projects on the go in partnership with SA public & the private sectors:

1. National Training and Awareness programme 

2. Establish a Community Threat Intelligence Centre

3. Establishing Industry Cyber Incident Response Teams for all major private sectors

4. Other initiatives include Critical Information Infrastructure Protection (CIIP) phase 2 and Improved Cybercrime Task Force collaboration.

Keynote address: Prof Rebecca Wright

Director of DIMACS, Rutgers University, USA

Topic: Differential Privacy in Practice

Abstract: As information and computing technologies and “big data” analysis become more pervasive, so too does the concern about the privacy of sensitive information.  In order to fulfil the promise of these technologies to make advances in areas such as health care, energy, and smart communities, it is necessary to ensure that privacy protections are built in to the solutions.  Differential privacy has been put forth as a promising technique for protecting the privacy of individuals while still enabling the use of data in many applications.  In this talk, I will provide a brief overview of differential privacy and its promise, and then discuss differential privacy solutions in the contexts of human mobility modelling and anomaly detection.  I will also discuss a proposed architecture for combining secure multiparty computation, differential privacy, and policy handling, as well as some challenges to its practical deployment.

Guest Speaker: Dr. Kishor Krishnan Nair

Affiliation: Council for Scientific and Industrial Research

Topic: Towards a Robust Fingerprint Authentication System Protocol

Abstract: In the present world, biometric authentication systems are increasingly achieving extensive use, of which Fingerprint Authentication Systems (FASs) are gaining massive acceptance across the globe. Although FASs provide higher security than the majority of their biometric counterparts and than conventional authentication systems using passwords and Personal Identification Numbers (PINs), they are also susceptible to the inherent security vulnerabilities associated with biometric modalities in general. The most relevant vulnerability is that once the biometric template is compromised, it cannot be replaced or destroyed. This talk begins with a background of the FAS and showcases the current biometric vulnerabilities from an FAS perspective. It focuses on conceptualizing an FAS protocol that can address the major FAS protocol security vulnerabilities. The protocol is abstracted based on the key idea of a unique One Time Template (OTT), which will be valid only for a single authentication session. Moreover, the proposed FAS protocol does not need the storage and transmission of the original fingerprint template, thereby addressing the most dangerous vulnerability associated with biometrics, which is the compromise of the original biometric template.

Panel discussion: Privacy considerations for South Africa – perspectives from industry and academia

Abstract: This panel discussion will explore privacy considerations for South Africa from an industry and academic perspective. The impact of PoPI on the industry will be discussed focusing on the challenges experienced and lessons learnt from implementation projects. A focus on the efforts from an academic perspective is included to highlight the need for intervention on all levels and the constant drive to promote research to promote information protection and compliance with regulations.

Participants: Security4U Research Group from Unisa, Hermien Malan from PricewaterhouseCoopers, and Hester Scholz, an Independent Specialist in Privacy and ICT Consulting

Facilitator: Dr. Adéle da Veiga from Unisa

South African Cybersecurity Research, Development and Innovation Programme in support of national objectives

Presenter: Dr Barend Taute, CSIR Meraka Institute

Abstract: The South African Department of Science and Technology (DST) engaged government departments, science councils, industry and academia in order to develop its first Cybersecurity Research, Development and Innovation (RDI) Programme. The DST identified 16 cybersecurity themes. The RDI Programme describes the challenges and RDI opportunities within each theme. Its objectives are to enhance the strategic independence and operational effectiveness of government in dealing with cybersecurity, to coordinate national RDI activities and partnerships, to build a strong innovation ecosystem, to build relevant human capacity and skills, and to seek alignment between government and the private sector. The presentation will give an overview of the context, objectives, themes and implementation plan.

Guest Speaker: Candice Sutherland

Affiliation: Business Development Underwriter at Hollard

Topic: Cyber Insurance

Abstract: The talk will be about Cyber Insurance; What is cyber-crime? Is cyber-crime an issue in South Africa? Companies that have been breached; How do I protect myself/my company; What is cyber insurance?

Guest Speaker: Rogan Dawes

Affiliation: Senior Researcher at SensePost Information Security

Topic: Remote Physical Attacks using USB

Abstract: In this talk, Rogan will cover some novel USB-level attacks that can provide remote command and control of even air-gapped machines, with a minimal forensic footprint, and release an open-source toolset using freely available hardware. While most people are familiar with USB devices, many don't realise the extent to which the USB standard allows seemingly innocuous devices to have multiple personalities. There has been an extensive amount of research into malicious USB devices, such as TURNIPSCHOOL, GoodFET/Facedancer and the Rubber Ducky; however, none of these implement an end-to-end attack.