The Organization of the Islamic Cooperation – Computer Emergency Response Team (OIC-CERT) & the ITU Arab Regional Cyber Security Center (ITU-ARCC) will be having the 13th Annual Conference and the 9th Arab Regional Cybersecurity Summit 2021 hosted by the National Cybersecurity Authority (NCA) of the Kingdom of Saudi Arabia.
Leader
NCA and Saudi CERT
Haitham AL Hajri is an Executive- Cyber Security Specialist at Oman National CERT, within the Cyber Security Projects Division. Haitham fundamental education orbited around Information and Cyber Security Domain, with emphasis on e-crime prevention and threat management.
From bachelors in computer security, masters of digital forensics to a P.h.D in Cyber Security Management, along with a cluster of professional and specialized certifications within the IT Security Industry. Haitham been involved in planning, implementation and execution of a variety of IT & Cyber Security projects and strategies, to strengthen the capabilities that enable the organization ultimately achieve their objectives with emphasis of Governance, Risk and Compliance (GRC), to address uncertainties and posing security risks. Correspondingly, enhancing human cybersecurity capacity, and promoting of security culture within the critical and public sectors. Haitham is an active contributor within information Security research communities, and startup tech companies, along with speaking, consulting and conducting various cyber security researches and enabling the upcoming researchers.
Executive Cyber Security Specialist
Oman National CERT
Assoc. Prof. Col (R) Dato’ Ts. Dr. Husin Jazri PhD CISSP, preferred to be called Prof Jazz is a Senior Vice President (Cybersecurity) Serba Dinamik Group Berhad and a director of Serba Dinamik Cybersecurity Sdn Bhd. He is also a cybersecurity professor at the University of Malaysia for Computing and Engineering in Cyberjaya, Malaysia and the Chief Editor of eSecurity and Privacy Channel (ESPC), a dedicated cybersecurity media covering cradle to heaven. Prior to that, he was an Associate Professor and a Senior Director of Information Security at the Asia Pacific University of Technology & Innovation (APU).
Dr Jazz was the founder, Director and 1st CEO of Cybersecurity Malaysia. Prior to CSM, he was the Director of the National ICT Security and Emergency Response Centre (NISER), at MIMOS Berhad. He had initiated many strategic projects for the Malaysian Armed Forces, and the Government of Malaysia during his service period including Cyber999, Common Criteria, Cyber Clinics, CyberSAFE, ASCLAB for Digital Forensics, etc.
At International front, he was an Associate Professor in Cybersecurity at the Namibia University of Science and Technology (NUST), Southern African Region in-charge of cybersecurity programs and was awarded the Best Teaching Professor during his tenure. Prof Jazri was a co-founder and the first Co-Chair of Asia Pacific CERT, the founder and the first chair of OIC-CERT. He was the recipient of the prestigious Harold Tipton Lifetime Achievement Award by the ISC2, USA, for his contribution in cybersecurity world. He has more than 30 years of blended cybersecurity and information security working experiences.
Prof Jazz graduated with BSc in Engineering (Connecticut, USA), Post-Graduate Diploma in System Analysis (UiTM, Malaysia), MSc (Distinction) in Information Security (Royal Holloway, Univ of London, UK), MBA from University Putra Malaysia and PhD in Computer Science (Cybersecurity) from the National Defence University of Malaysia.
He can be reached at hjazri@e-serbadkgroup.com / drjazz@espc2go.com. His ESPC project is at https://www.espc2go.com
Senior VP and Director of Cybersecurity
Serba Dinamik Group Berhad
In-Charge Director of Compliance
MTCIT, Sultanate of Oman
Jacomo Piccolini joined Team Cymru in 2012 as part of the Outreach Team and is based in Brazil. Prior to working at Team Cymru, he worked at the Brazilian Research and Academic Network, at their Academic CSIRT, and acted as the Academic Coordinator for the Educational School’s security and IT governance curriculum. With 21 years of field experience, Jacomo holds a degree in Engineering and a post-graduate degree in Computer Science and Business Administration. Jacomo is known globally due to his long time involvement in FIRST (The Forum for Incident Response and Security Teams). He is a Liaison Member of FIRST and the team representative for Team Cymru. Jacomo is also Team Cymru representative at OIC-CERT. Previously Jacomo coordinated hands-on activities for FIRST and is now contributing on the Membership Committee. Jacomo is also known for his work and contributions within several security communities and trust-based groups, serving as an advisor, doing pro bono work and as an elected board member. Jacomo is responsible for Team Cymru’s Community Services, including the CSIRT Assistance Program (CAP) and the Data Sharing Partnerships. When possible he returns to education, teaching network forensics and CSIRT security courses, at the post-graduate level, as an invited professor. When not working to make our networks safer places, Jacomo spends time doing his other great love, photography.
Outreach
Team
Team Cymru
Aloysius Cheang is currently the Chief Security Officer of Huawei UAE responsible for driving the company’s cybersecurity vision of building a safe and secure intelligent connected digital world in the UAE and the region. He is also a Board Director for US-based (ISC)2, as well as UK-based cyber leadership think tank, the Centre for Strategic Cyberspace + International Studies (CSCIS). In his career spanning over 20 years, Aloysius had delivered direct business values in strategic, complex, multi-year and multi-million dollar technology and cyber program for Global 500 organizations worldwide while managing large multi-cultural, multi-disciplinary team spread across 5 continents and 4 major time zones time after time. Aloysius was a Co-Founder and Managing Director for Cloud Security Alliance Asia Pacific (CSA) and was the Chief Standards Officer for CSA globally. Prior the CSA, he was the Worldwide Head of Security for Vodafone Global Enterprise and a Security Practice Leader with PricewaterhouseCoopers Singapore, having started his career with DSO National Laboratories in Singapore focusing on Defence R&D.
Aloysius was instrumental in driving IT Security professionalization, with attempts to create dual hubs for the certification/chartering process in the mid-2000s with the Institute for Information Security Professionals (IISP) now known as Chartered Institute of Information Security in UK and Association of Information Security Professionals (AISP) in Singapore, of which he was protem chairman AISP from 2002- 2007. He has been appointed to many national level committees such as the National Cloud Computing Advisory Council of Singapore and the National Cyber Defence Research Centre (NCDRC) of India and university advisory boards such as Republic Polytechnic, Singapore Institute of Technology and University of Wakaito in New Zealand.Additionally, he was a former Head of Delegation for the Singapore National Body to ISO, liaison person to ITU-T SG 13 and SG 17, the author for ISO/IEC 27032 “Guidelines for Cybersecurity”, that defines the term “Cybersecurity”. As a globally recognized cybersecurity expert, Aloysius‘s professional perspective is highly valued by major media such as the BBC, Times, Wall Street Journal, ZDNet, ISMG, MSN News, CXO Insights, Teletimes International, Xinhua News, SCMP, Phoenix Media, The Hindu, The Nation, Bangkok Post, Economic Times Daily, China Times, The Straits Times, ChannelNewsAsia, Zawya, The National, Gulf Business and Al Bawaba.
Chief Security Officer
Huawei UAE
Senior Cybersecurity Regulatory Expert
NCA
Victor is a reverse engineer with more than 9 years of cumulative experience in the field of malware research.
His primary interests include antimalware technology, ML/AI-Ops, incident response, malware analysis and deep affinity with the audio programming and VST SDK plugin development (DSP) technologies with a strong effort to combine technical and creative aspects of these crafts.
Since 2011, he has trained many malware analysts and incident responders and is a successfully published author in the field of malware analysis with his book ‘Windows Malware Analysis Essentials’ (Packt 2015) making it to lists of Book Authority’s 100 Best Malware Books of All Time (rank 14) and the 100 Best Selling Malware Books of All Time which is humble recognition of his contributions thus far.
His direct involvement in interesting end-to-end projects with clients ranging from startups to F500 firms gives him first hand knowledge and adaptability wearing many hats ensuring successful completion with record turnaround times.
Engineer
Group-IB
Rohana presently serves as the Chief Operating Officer at Sri Lanka CERT|CC, the national CERT of Sri Lanka.
He is a pioneering team member of Sri Lankan CERT, having joined the team at its very inception in 2006. He has a BSc Eng (Honors) Degree in Electronics and Telecommunication Engineering and an MBA in IT from the University of Moratuwa.
Rohana is a GIAC Certified Incident handler, Certified Ethical Hacker (CEH), Computer Hacking Forensics Investigator (CHFI) and has been involved in handling and resolving many security incidents of varying flavours during his time at Sri Lanka CERT.
He plays a significant role in setting up the National Certification Authority whilst being engaged in international collaboration efforts of Sri Lanka CERT|CC as a Steering Committee member of APCERT.
Chief Operating Officer
Sri Lanka CERT|CC
Naser Aldossary is a Principal Industrial Incident Responder within the Dragos Global Professional Services team where he specializes in Industrial control system security & Incident response. He was also part of the team that responded to an attack on a petrochemical plant that led to discovery of the group xenotime behind the Trisis/Triton malware.
Naser led multiple cyber security assessment , threat hunts and compromise assessments across wide variety of critical infrastructure in the kingdom of Saudi Arabia and the Middle East. Naser holds a Bachelor of science in computer administration and security from Ferris State University in Michigan as well as a Master of science from the Georgia institute of technology.
Principal Incident Responder
Dragos
Muhammad Salman is currently having a role as a representative of National Cyber and Crypto Agency (NCCA) Republic Indonesia for OIC-CERT Board Member. He is also a lecturer and researcher at Computer Engineering, Faculty of Engineering, University of Indonesia especially in the field of Network and Information Security. Salman holds his Doctoral degree in Information Network Security from Universitas Indonesia, and Master degree in Information Technology from Monash University, Melbourne, Australia. He is also an alumnae of Cybersecurity Leadership Program (IVLP) in Washington DC, United States organized by Department of State, US.
Regarding his journey of experience, he was a former Vice Chairman of ID-SIRTII (Indonesia Security Incident Response Team on Internet Infrastructure) under Ministry of Information and Communication Technology, Republic of Indonesia. He is also Co-Founder and Board Member of newly establishing institution, Id-CARE.UI (Indonesia Cybersecurity and Resilience Center, Universitas Indonesia) for developing capacity building and research in cybersecurity related field. Now, he is running a 5 (five) year project with JICA in Building Human Resources Development for Cyber Security Professionals in Indonesia and ASEAN region.
In term of establishing the professional certification program, he joins as Council Member and Professional Instructor for Cisco Networking Academy, CompTIA and EC-Council. He also actively involved in conducting and managing ICT Community Development for Bridging the Digital Divide and also Building Internet Security and Safety Awareness. He joins as member of IEEE Computer Society, ISSA, ISACA, ISOC, ACM, CSA and IACSIT. He also has lots of experiences during his previously roles in representing as a member of different regional and international forums and committees in information security area including APCERT, ANSAC, CAMP, FIRST and OIC-CERT, as well as actively participating and delivering speech in several conferences, workshops, trainings including information security, networks, ICT community development, professional education, industry and academic partnership.
Board Member
Indonesia GovCSIRT and NCCA
Chief Operating Officer
CyberSecurity Malaysia
Having to evolve from a Information Security Penetration Tester in the United Arab Emirates Computer Emergency Response team in Telecommunication Regulatory Authority 2015, to Manager of Security Services of aeCERT in Telecommunication and Digital Regulatory Authority in 2021.
Mohammad Bushlaibi demonstrated his history of working in the telecommunications industry combining his hands on skills of security testing and knowledge transfer into his Security Awareness sessions.
His previous roles included having to conduct multiple penetration testing and more than 100+ Security Awareness Sessions in the UAE as well as representing the TDRA in multiple TV interviews with an aim to raise Information Security Awareness to Federal and Government entities in the UAE.
In 2018, Mohammad Bushlaibi scored a Radio Show in UAE Media Corporations co-hosting a program called (Your Technology) where it focuses on the latest trends in Technology by exploring new technology. Now he is having his own Radio Show of ( Living in a Digital World ). Mohammad is also the Content Creator of the Tech Social Media Account (Fudhooli) where he presents a variety of Technical Episodes that leverages to the public audience.
His current responsibilities and roles includes providing Security Services to all Federal Entities, ensuring that the privacy and cyber security of all National Entities are being protected, and finally protecting the IT Infrastructure in the UAE in Digital Government Scope from Cyber Threats.
Manager of Security Services
AeCERT/ TDRA, UAE
Fatimah Alakeel is a cybersecurity advisor at NCA, leading the awareness activities of the Saudi CERT. Fatimah is an assistant professor at King Saud University, where she holds a position of the vice head of KSU training Center. Outside of her work, she has several volunteering engagements with the society, one of them is CIAG, a non-profit organization focused on building capacity and raising awareness in cybersecurity. Fatimah had completed her PhD from University of Southampton, UK, in the area of secure software development. She also holds an MSc in Computer Science from DePaul University, USA. Her areas of interest are: cybersecurity, privacy, data science, and software engineering. Moreover, Fatimah is a writer, a trainer, and a public speaker.
Cybersecurity Advisor
NCA and Saudi CERT
She manages the team responsible for monitoring cybernetic risks with early warning of attacks on national cyberspace, in coordination with Internet service providers and various stakeholders. And coordinating with similar international centers (CERT) in order to identify and combat cybernetic risks and to exchange information concerning new developments on an international scale in the field.
She is former Director of Network information center and in charge of commercial and competitive intelligence in ‘Tunisie Internet’ which an internet service provider, the cctld technical registry, an Afrinic LIR member and running TunIXP.
Director
TunCERT
Note: All timings are UTC+3 (Riyadh)
In accommodating efforts and strategies to modernize the IT applications, organizations rushed to upgrade their assets to attain greater agility and scalability. This session will discuss on the key factors of proper security measures that might be overlooked by organizations.
Abdulrahman Almousa is a leader in the Saudi CERT. He has actively contributed to the development of cybersecurity programs and initiatives that aims to minimize cybersecurity risks and raise the level of awareness among general public at the national level. Almousa’s expertise spans a wide range of Cybersecurity fields; including a deep understanding of the application security, secure system development lifecycles, and planning, implementing and executing of a variety of Cybersecurity project and strategies in the field of cyber resiliency. He received his Bachelor’s degree in Computer Software Engineering form King Fahd University of Petroleum and Minerals and his Master’s degree in Computer and Information Systems Security and Information Assurance from Georgia Institute of Technology.
Haitham’s fundamental education orbited around Information and Cyber Security Domain, with emphasis on e-crime prevention and threat management, from a Bachelor’s in Computer Security, a Masters of Digital Forensics to a P.h.D in Cyber Security Management, along with a cluster of professional and specialized certifications within the IT Security Industry.
Haitham has been involved in planning, implementation and execution of a variety of IT & Cyber Security projects and strategies, to strengthen the capabilities that enable the organization ultimately achieve their objectives with emphasis of Governance, Risk and Compliance (GRC), to address uncertainties and posing security risks.
Correspondingly, enhancing human cybersecurity capacity, and promotion of security culture within the critical and public sectors. Haitham is an active contributor within Information Security research communities, and startup tech companies, along with speaking, consulting and conducting various cyber security researches and enabling the upcoming researchers.
Assoc. Prof. Col (R) Dr. Husin Jazri PhD CISSP, preferred to be called Prof Jazz, is a Senior Vice President (Cybersecurity) Serba Dinamik Group Berhad and a director of Serba Dinamik Cybersecurity Sdn Bhd.
He is also a cybersecurity professor at the University of Malaysia for Computing and Engineering in Cyberjaya, Malaysia and the Chief Editor of eSecurity and Privacy Channel (ESPC), a dedicated cybersecurity media covering cradle to Heaven.
Prior to that, he was an Associate Professor and a Senior Director of Information Security at the Asia Pacific University of Technology & Innovation (APU).
Dr Jazz was the founder, Director and 1st CEO of Cybersecurity Malaysia. Prior to CSM, he was the Director of the National ICT Security and Emergency Response Centre (NISER), at MIMOS Berhad. He had initiated many strategic projects for the Malaysian Armed Forces, and the Government of Malaysia during his service period including Cyber999, Common Criteria, Cyber Clinics, CyberSAFE, ASCLAB for Digital Forensics etc.
At International Front, he was an Associate Professor in Cybersecurity at the Namibia University of Science and Technology (NUST), Southern African Region in-charge of cybersecurity programs and was awarded the Best Teaching Professor during his tenure. Prof. Jazri was a co-founder and the first co-chair of Asia Pacific CERT, the founder and the first chair of OIC-CERT. He was the recipient of the prestigious Harold Tipton Lifetime Achievement Award by the ISC2, USA, for his contribution in cybersecurity world. He has more than 30 years of blended cybersecurity and information security working experiences.
Prof Jazz graduated with BSc in Engineering (Connecticut, USA), Post-Graduate Diploma in System Analysis (UiTM, Malaysia), MSc (Distinction) in Information Security (Royal Holloway, Univ of London, UK), MBA from University Putra Malaysia and PhD in Computer Science (Cybersecurity) from the National Defence University of Malaysia.
He can be reached at hjazri@e-serbadkgroup.com / drjazz@espc2go.com.
His ESPC project is at https://www.espc2go.com
As enterprises scale up their use of emerging technologies, they are exposed to new threats. Moreover, the adoption of IoT, Cloud, AI, and Blockchain, to name a few, will be greatly affecting the daily organizational operations. This session will discuss the measures for a safe and resilient operations within these disruptive technologies.
Rasha has almost 14 years of experience in various IT domains and served at key national government projects related to IT Governance, Security Management and IT Compliance. She has been engaged in the development of national policies and standards for governing the IT industry in Oman, as well as providing guidance and consultancies to government agencies, and conducting research on the new technological trends.
She is currently leading the national compliance program for the government sector, the IT Accreditation program of the private sector, and has been actively involved in the revision of national IT-related laws.
Jacomo Piccolini joined Team Cymru in 2012 as part of the Outreach Team and is based in Brazil. Prior to working at Team Cymru, he worked at the Brazilian Research and Academic Network, at their Academic CSIRT, and acted as the Academic Coordinator for the Educational School’s security and IT governance curriculum. With 21 years of field experience, Jacomo holds a degree in Engineering and a post-graduate degree in Computer Science and Business Administration. Jacomo is known globally due to his long time involvement in FIRST (The Forum for Incident Response and Security Teams). He is a Liaison Member of FIRST and the team representative for Team Cymru. Jacomo is also Team Cymru representative at OIC-CERT. Previously Jacomo coordinated hands-on activities for FIRST and is now contributing on the Membership Committee. Jacomo is also known for his work and contributions within several security communities and trust-based groups, serving as an advisor, doing pro bono work and as an elected board member. Jacomo is responsible for Team Cymru’s Community Services, including the CSIRT Assistance Program (CAP) and the Data Sharing Partnerships. When possible he returns to education, teaching network forensics and CSIRT security courses, at the post-graduate level, as an invited professor. When not working to make our networks safer places, Jacomo spends time doing his other great love, photography.
Aloysius Cheang is currently the Chief Security Officer of Huawei UAE responsible for driving the company’s cybersecurity vision of building a safe and secure intelligent connected digital world in the UAE and the region. He is also a Board Director for US-based (ISC)2, as well as UK-based cyber leadership think tank, the Centre for Strategic Cyberspace + International Studies (CSCIS).
In his career spanning over 20 years, Aloysius had delivered direct business values in strategic, complex, multi-year and multi-million dollar technology and cyber program for Global 500 organizations worldwide while managing large multi-cultural, multi-disciplinary team spread across 5 continents and 4 major time zones time after time. Aloysius was a Co-Founder and Managing Director for Cloud Security Alliance Asia Pacific (CSA) and was the Chief Standards Officer for CSA globally. Prior the CSA, he was the Worldwide Head of Security for Vodafone Global Enterprise and a Security Practice Leader with Pricewaterhouse Coopers Singapore, having started his career with DSO National Laboratories in Singapore focusing on Defence R&D.
Aloysius was instrumental in driving IT Security professionalism, with attempts to create dual hubs for the certification/chartering process in the mid-2000s with the Institute for Information Security Professionals (IISP) now known as Chartered Institute of Information Security in UK and Association of Information Security Professionals (AISP) in Singapore, of which he was protem chairman AISP from 2002- 2007. He has been appointed to many national level committees such as the National Cloud Computing Advisory Council of Singapore and the National Cyber Defence Research Centre (NCDRC) of India and university advisory boards such as Republic Polytechnic, Singapore Institute of Technology and University of Wakaito in New Zealand.Additionally, he was a former Head of Delegation for the Singapore National Body to ISO, liaison person to ITU-T SG 13 and SG 17, the author for ISO/IEC 27032 “Guidelines for Cybersecurity”, that defines the term “Cybersecurity”. As a globally recognized cybersecurity expert, Aloysius‘s professional perspective is highly valued by major media such as the BBC, Times, Wall Street Journal, ZDNet, ISMG, MSN News, CXO Insights, Teletimes International, Xinhua News, SCMP, Phoenix Media, The Hindu, The Nation, Bangkok Post, Economic Times Daily, China Times, The Straits Times, ChannelNewsAsia, Zawya, The National, Gulf Business and Al Bawaba.
Wafa Dahmani manages the team responsible for monitoring cybernetic risks with early warning of attacks on national cyberspace, in coordination with Internet service providers and various stakeholders. And coordinating with similar international centers (CERT) in order to identify and combat cybernetic risks and to exchange information concerning new developments on an international scale in the field
She is former Director of Network information center and in charge of commercial and competitive intelligence in ‘Tunisie Internet’ which an internet service provider, the CCTD Technical Registry, an Afrinic LIR member and running TunIXP.
The Industrial Control Systems (ICS) are indispensable for a number of industrial processes. Nowadays, ICS are connected to the Internet which enables streamlining and automation of industrial processes but carries with it the risk of exposure to cyber-attacks. This session will discuss best practices for ICS and enhancing cybersecurity.
Ahmad Mohawish has more than 15 years of experience in cybersecurity related fields, working with high performance teams to achieve strategic and tactical goals. He has a master degree from Carnegie Mellon University, with highest distinction, in Information Security Policy and Management. Ahmad works in the National Cybersecurity Authority (NCA) of the Kingdom of Saudi Arabia to help shape the Kingdom’s cybersecurity regulatory environment. Beside his public sector experience, Ahmad has an extensive experience in the private sector. Prior to joining NCA, Ahmad was leading the team responsible for reporting cybersecurity risk to the board of directors of a leading global energy provider. He has achieved around 20 professional certificates in cybersecurity related fields and has undergone several management consulting assessment and development. Ahmad is very keen about today’s topic given that he has worked as a process control engineer and understand the challenges in this field.
Victor is a reverse engineer with more than 9 years of cumulative experience in the field of malware research.
His primary interests include antimalware technology, ML/AI-Ops, incident response, malware analysis and deep affinity with the audio programming and VST SDK plugin development (DSP) technologies with a strong effort to combine technical and creative aspects of these crafts.
Since 2011, he has trained many malware analysts and incident responders and is a successfully published author in the field of malware analysis with his book ‘Windows Malware Analysis Essentials’ (Packt 2015) making it to lists of Book Authority’s 100 Best Malware Books of All Time (rank 14) and the 100 Best Selling Malware Books of All Time which is humble recognition of his contributions thus far.
His direct involvement in interesting end-to-end projects with clients ranging from startups to F500 firms gives him first hand knowledge and adaptability wearing many hats ensuring successful completion with record turnaround times.
Rohana presently serves as the Chief Operating Officer at Sri Lanka CERT|CC, the national CERT of Sri Lanka.
He is a pioneering team member of Sri Lankan CERT, having joined the team at its very inception in 2006. He has a BSc Eng (Honors) Degree in Electronics and Telecommunication Engineering and an MBA in IT from the University of Moratuwa.
Rohana is a GIAC Certified Incident handler, Certified Ethical Hacker (CEH), Computer Hacking Forensics Investigator (CHFI) and has been involved in handling and resolving many security incidents of varying flavours during his time at Sri Lanka CERT.
He plays a significant role in setting up the National Certification Authority whilst being engaged in international collaboration efforts of Sri Lanka CERT|CC as a Steering Committee member of APCERT.
Naser Aldossary is a Principal Industrial Incident Responder within the Dragos Global Professional Services team where he specializes in Industrial control system security & Incident response. He was also part of the team that responded to an attack on a petrochemical plant that led to discovery of the group xenotime behind the Trisis/Triton malware.
Naser led multiple cyber security assessment , threat hunts and compromise assessments across wide variety of critical infrastructure in the kingdom of Saudi Arabia and the Middle East. Naser holds a Bachelor of science in computer administration and security from Ferris State University in Michigan as well as a Master of science from the Georgia institute of technology.
Hiring talented individuals is critical to an organization’s success. In fact, cybersecurity professionals are in short supply. At a time when there is a strong demand for such professionals more than ever, organizations face difficulty to recruit and maintain talents. Dire consequences of this shortage to organizations and CERT’s will be discussed and recommendations will be highlight in this session.
Muhammad Salman is currently having a role as a representative of National Cyber and Crypto Agency (NCCA) Republic Indonesia for OIC-CERT Board Member. He is also a lecturer and researcher at Computer Engineering, Faculty of Engineering, University of Indonesia especially in the field of Network and Information Security. Salman holds his Doctoral degree in Information Network Security from Universitas Indonesia, and Master degree in Information Technology from Monash University, Melbourne, Australia. He is also an alumnae of Cybersecurity Leadership Program (IVLP) in Washington DC, United States organized by Department of State, US.
Regarding his journey of experience, he was a former Vice Chairman of ID-SIRTII (Indonesia Security Incident Response Team on Internet Infrastructure) under Ministry of Information and Communication Technology, Republic of Indonesia. He is also Co-Founder and Board Member of newly establishing institution, Id-CARE.UI (Indonesia Cybersecurity and Resilience Center, Universitas Indonesia) for developing capacity building and research in cybersecurity related field. Now, he is running a 5 (five) year project with JICA in Building Human Resources Development for Cyber Security Professionals in Indonesia and ASEAN region.
In term of establishing the professional certification program, he joins as Council Member and Professional Instructor for Cisco Networking Academy, CompTIA and EC-Council. He also actively involved in conducting and managing ICT Community Development for Bridging the Digital Divide and also Building Internet Security and Safety Awareness. He joins as member of IEEE Computer Society, ISSA, ISACA, ISOC, ACM, CSA and IACSIT. He also has lots of experiences during his previously roles in representing as a member of different regional and international forums and committees in information security area including APCERT, ANSAC, CAMP, FIRST and OIC-CERT, as well as actively participating and delivering speech in several conferences, workshops, trainings including information security, networks, ICT community development, professional education, industry and academic partnership.
Ts. Dr. Zahri Yunos is the Chief Operating Officer of CyberSecurity Malaysia, an agency under the Ministry of Communications and Multimedia Malaysia. Zahri is a central figure in establishment of the OIC Computer Emergency Response Team (OIC-CERT), a collaborative effort of cybersecurity initiatives amongst the OIC countries. Zahri holds a PhD in Information Security (Cyber Terrorism) from the Universiti Teknikal Malaysia Melaka (UTeM), Malaysia. Zahri is serving as a Board Member of UTeM and has been appointed as academic and industry adviser to several Higher Educational Institutions in Malaysia and abroad. Zahri has contributed various publications and presented papers on topics related to cybersecurity, business continuity management and cyber terrorism.
Having to evolve from a Information Security Penetration Tester in the United Arab Emirates Computer Emergency Response team in Telecommunication Regulatory Authority 2015, to Manager of Security Services of aeCERT in Telecommunication and Digital Regulatory Authority in 2021.
Mohammad Bushlaibi demonstrated his history of working in the telecommunications industry combining his hands on skills of security testing and knowledge transfer into his Security Awareness sessions.
His previous roles included having to conduct multiple penetration testing and more than 100+ Security Awareness Sessions in the UAE as well as representing the TDRA in multiple TV interviews with an aim to raise Information Security Awareness to Federal and Government entities in the UAE.
In 2018, Mohammad Bushlaibi scored a Radio Show in UAE Media Corporations co-hosting a program called (Your Technology) where it focuses on the latest trends in Technology by exploring new technology. Now he is having his own Radio Show of ( Living in a Digital World ). Mohammad is also the Content Creator of the Tech Social Media Account (Fudhooli) where he presents a variety of Technical Episodes that leverages to the public audience.
His current responsibilities and roles includes providing Security Services to all Federal Entities, ensuring that the privacy and cyber security of all National Entities are being protected, and finally protecting the IT Infrastructure in the UAE in Digital Government Scope from Cyber Threats.
Fatimah Alakeel is a cybersecurity advisor at NCA, leading the awareness activities of the Saudi CERT. Fatimah is an assistant professor at King Saud University, where she holds a position of the vice head of KSU training Center.
Outside of her work, she has several volunteering engagements with the society, one of them is CIAG, a non-profit organization focused on building capacity and raising awareness in cybersecurity. Fatimah had completed her PhD from University of Southampton, UK, in the area of secure software development. She also holds an MSc in Computer Science from DePaul University, USA.
Her areas of interest are: cybersecurity, privacy, data science, and software engineering. Moreover, Fatimah is a writer, a trainer, and a public speaker.
In accommodating efforts and strategies to modernize the IT applications, organizations rushed to upgrade their assets to attain greater agility and scalability. This session will discuss on the key factors of proper security measures that might be overlooked by organizations.
Abdulrahman Almousa is a leader in the Saudi CERT. He has actively contributed to the development of cybersecurity programs and initiatives that aims to minimize cybersecurity risks and raise the level of awareness among general public at the national level. Almousa’s expertise spans a wide range of Cybersecurity fields; including a deep understanding of the application security, secure system development lifecycles, and planning, implementing and executing of a variety of Cybersecurity project and strategies in the field of cyber resiliency. He received his Bachelor’s degree in Computer Software Engineering form King Fahd University of Petroleum and Minerals and his Master’s degree in Computer and Information Systems Security and Information Assurance from Georgia Institute of Technology.
Haitham’s fundamental education orbited around Information and Cyber Security Domain, with emphasis on e-crime prevention and threat management, from a Bachelor’s in Computer Security, a Masters of Digital Forensics to a P.h.D in Cyber Security Management, along with a cluster of professional and specialized certifications within the IT Security Industry.
Haitham has been involved in planning, implementation and execution of a variety of IT & Cyber Security projects and strategies, to strengthen the capabilities that enable the organization ultimately achieve their objectives with emphasis of Governance, Risk and Compliance (GRC), to address uncertainties and posing security risks.
Correspondingly, enhancing human cybersecurity capacity, and promotion of security culture within the critical and public sectors. Haitham is an active contributor within Information Security research communities, and startup tech companies, along with speaking, consulting and conducting various cyber security researches and enabling the upcoming researchers.
Assoc. Prof. Col (R) Dr. Husin Jazri PhD CISSP, preferred to be called Prof Jazz, is a Senior Vice President (Cybersecurity) Serba Dinamik Group Berhad and a director of Serba Dinamik Cybersecurity Sdn Bhd.
He is also a cybersecurity professor at the University of Malaysia for Computing and Engineering in Cyberjaya, Malaysia and the Chief Editor of eSecurity and Privacy Channel (ESPC), a dedicated cybersecurity media covering cradle to Heaven.
Prior to that, he was an Associate Professor and a Senior Director of Information Security at the Asia Pacific University of Technology & Innovation (APU).
Dr Jazz was the founder, Director and 1st CEO of Cybersecurity Malaysia. Prior to CSM, he was the Director of the National ICT Security and Emergency Response Centre (NISER), at MIMOS Berhad. He had initiated many strategic projects for the Malaysian Armed Forces, and the Government of Malaysia during his service period including Cyber999, Common Criteria, Cyber Clinics, CyberSAFE, ASCLAB for Digital Forensics etc.
At International Front, he was an Associate Professor in Cybersecurity at the Namibia University of Science and Technology (NUST), Southern African Region in-charge of cybersecurity programs and was awarded the Best Teaching Professor during his tenure. Prof. Jazri was a co-founder and the first co-chair of Asia Pacific CERT, the founder and the first chair of OIC-CERT. He was the recipient of the prestigious Harold Tipton Lifetime Achievement Award by the ISC2, USA, for his contribution in cybersecurity world. He has more than 30 years of blended cybersecurity and information security working experiences.
Prof Jazz graduated with BSc in Engineering (Connecticut, USA), Post-Graduate Diploma in System Analysis (UiTM, Malaysia), MSc (Distinction) in Information Security (Royal Holloway, Univ of London, UK), MBA from University Putra Malaysia and PhD in Computer Science (Cybersecurity) from the National Defence University of Malaysia.
He can be reached at hjazri@e-serbadkgroup.com / drjazz@espc2go.com.
His ESPC project is at https://www.espc2go.com
As enterprises scale up their use of emerging technologies, they are exposed to new threats. Moreover, the adoption of IoT, Cloud, AI, and Blockchain, to name a few, will be greatly affecting the daily organizational operations. This session will discuss the measures for a safe and resilient operations within these disruptive technologies.
Rasha has almost 14 years of experience in various IT domains and served at key national government projects related to IT Governance, Security Management and IT Compliance. She has been engaged in the development of national policies and standards for governing the IT industry in Oman, as well as providing guidance and consultancies to government agencies, and conducting research on the new technological trends.
She is currently leading the national compliance program for the government sector, the IT Accreditation program of the private sector, and has been actively involved in the revision of national IT-related laws.
Jacomo Piccolini joined Team Cymru in 2012 as part of the Outreach Team and is based in Brazil. Prior to working at Team Cymru, he worked at the Brazilian Research and Academic Network, at their Academic CSIRT, and acted as the Academic Coordinator for the Educational School’s security and IT governance curriculum. With 21 years of field experience, Jacomo holds a degree in Engineering and a post-graduate degree in Computer Science and Business Administration. Jacomo is known globally due to his long time involvement in FIRST (The Forum for Incident Response and Security Teams). He is a Liaison Member of FIRST and the team representative for Team Cymru. Jacomo is also Team Cymru representative at OIC-CERT. Previously Jacomo coordinated hands-on activities for FIRST and is now contributing on the Membership Committee. Jacomo is also known for his work and contributions within several security communities and trust-based groups, serving as an advisor, doing pro bono work and as an elected board member. Jacomo is responsible for Team Cymru’s Community Services, including the CSIRT Assistance Program (CAP) and the Data Sharing Partnerships. When possible he returns to education, teaching network forensics and CSIRT security courses, at the post-graduate level, as an invited professor. When not working to make our networks safer places, Jacomo spends time doing his other great love, photography.
Aloysius Cheang is currently the Chief Security Officer of Huawei UAE responsible for driving the company’s cybersecurity vision of building a safe and secure intelligent connected digital world in the UAE and the region. He is also a Board Director for US-based (ISC)2, as well as UK-based cyber leadership think tank, the Centre for Strategic Cyberspace + International Studies (CSCIS).
In his career spanning over 20 years, Aloysius had delivered direct business values in strategic, complex, multi-year and multi-million dollar technology and cyber program for Global 500 organizations worldwide while managing large multi-cultural, multi-disciplinary team spread across 5 continents and 4 major time zones time after time. Aloysius was a Co-Founder and Managing Director for Cloud Security Alliance Asia Pacific (CSA) and was the Chief Standards Officer for CSA globally. Prior the CSA, he was the Worldwide Head of Security for Vodafone Global Enterprise and a Security Practice Leader with Pricewaterhouse Coopers Singapore, having started his career with DSO National Laboratories in Singapore focusing on Defence R&D.
Aloysius was instrumental in driving IT Security professionalism, with attempts to create dual hubs for the certification/chartering process in the mid-2000s with the Institute for Information Security Professionals (IISP) now known as Chartered Institute of Information Security in UK and Association of Information Security Professionals (AISP) in Singapore, of which he was protem chairman AISP from 2002- 2007. He has been appointed to many national level committees such as the National Cloud Computing Advisory Council of Singapore and the National Cyber Defence Research Centre (NCDRC) of India and university advisory boards such as Republic Polytechnic, Singapore Institute of Technology and University of Wakaito in New Zealand.Additionally, he was a former Head of Delegation for the Singapore National Body to ISO, liaison person to ITU-T SG 13 and SG 17, the author for ISO/IEC 27032 “Guidelines for Cybersecurity”, that defines the term “Cybersecurity”. As a globally recognized cybersecurity expert, Aloysius‘s professional perspective is highly valued by major media such as the BBC, Times, Wall Street Journal, ZDNet, ISMG, MSN News, CXO Insights, Teletimes International, Xinhua News, SCMP, Phoenix Media, The Hindu, The Nation, Bangkok Post, Economic Times Daily, China Times, The Straits Times, ChannelNewsAsia, Zawya, The National, Gulf Business and Al Bawaba.
Wafa Dahmani manages the team responsible for monitoring cybernetic risks with early warning of attacks on national cyberspace, in coordination with Internet service providers and various stakeholders. And coordinating with similar international centers (CERT) in order to identify and combat cybernetic risks and to exchange information concerning new developments on an international scale in the field
She is former Director of Network information center and in charge of commercial and competitive intelligence in ‘Tunisie Internet’ which an internet service provider, the CCTD Technical Registry, an Afrinic LIR member and running TunIXP.
The Industrial Control Systems (ICS) are indispensable for a number of industrial processes. Nowadays, ICS are connected to the Internet which enables streamlining and automation of industrial processes but carries with it the risk of exposure to cyber-attacks. This session will discuss best practices for ICS and enhancing cybersecurity.
Ahmad Mohawish has more than 15 years of experience in cybersecurity related fields, working with high performance teams to achieve strategic and tactical goals. He has a master degree from Carnegie Mellon University, with highest distinction, in Information Security Policy and Management. Ahmad works in the National Cybersecurity Authority (NCA) of the Kingdom of Saudi Arabia to help shape the Kingdom’s cybersecurity regulatory environment. Beside his public sector experience, Ahmad has an extensive experience in the private sector. Prior to joining NCA, Ahmad was leading the team responsible for reporting cybersecurity risk to the board of directors of a leading global energy provider. He has achieved around 20 professional certificates in cybersecurity related fields and has undergone several management consulting assessment and development. Ahmad is very keen about today’s topic given that he has worked as a process control engineer and understand the challenges in this field.
Victor is a reverse engineer with more than 9 years of cumulative experience in the field of malware research.
His primary interests include antimalware technology, ML/AI-Ops, incident response, malware analysis and deep affinity with the audio programming and VST SDK plugin development (DSP) technologies with a strong effort to combine technical and creative aspects of these crafts.
Since 2011, he has trained many malware analysts and incident responders and is a successfully published author in the field of malware analysis with his book ‘Windows Malware Analysis Essentials’ (Packt 2015) making it to lists of Book Authority’s 100 Best Malware Books of All Time (rank 14) and the 100 Best Selling Malware Books of All Time which is humble recognition of his contributions thus far.
His direct involvement in interesting end-to-end projects with clients ranging from startups to F500 firms gives him first hand knowledge and adaptability wearing many hats ensuring successful completion with record turnaround times.
Rohana presently serves as the Chief Operating Officer at Sri Lanka CERT|CC, the national CERT of Sri Lanka.
He is a pioneering team member of Sri Lankan CERT, having joined the team at its very inception in 2006. He has a BSc Eng (Honors) Degree in Electronics and Telecommunication Engineering and an MBA in IT from the University of Moratuwa.
Rohana is a GIAC Certified Incident handler, Certified Ethical Hacker (CEH), Computer Hacking Forensics Investigator (CHFI) and has been involved in handling and resolving many security incidents of varying flavours during his time at Sri Lanka CERT.
He plays a significant role in setting up the National Certification Authority whilst being engaged in international collaboration efforts of Sri Lanka CERT|CC as a Steering Committee member of APCERT.
Naser Aldossary is a Principal Industrial Incident Responder within the Dragos Global Professional Services team where he specializes in Industrial control system security & Incident response. He was also part of the team that responded to an attack on a petrochemical plant that led to discovery of the group xenotime behind the Trisis/Triton malware.
Naser led multiple cyber security assessment , threat hunts and compromise assessments across wide variety of critical infrastructure in the kingdom of Saudi Arabia and the Middle East. Naser holds a Bachelor of science in computer administration and security from Ferris State University in Michigan as well as a Master of science from the Georgia institute of technology.
Hiring talented individuals is critical to an organization’s success. In fact, cybersecurity professionals are in short supply. At a time when there is a strong demand for such professionals more than ever, organizations face difficulty to recruit and maintain talents. Dire consequences of this shortage to organizations and CERT’s will be discussed and recommendations will be highlight in this session.
Muhammad Salman is currently having a role as a representative of National Cyber and Crypto Agency (NCCA) Republic Indonesia for OIC-CERT Board Member. He is also a lecturer and researcher at Computer Engineering, Faculty of Engineering, University of Indonesia especially in the field of Network and Information Security. Salman holds his Doctoral degree in Information Network Security from Universitas Indonesia, and Master degree in Information Technology from Monash University, Melbourne, Australia. He is also an alumnae of Cybersecurity Leadership Program (IVLP) in Washington DC, United States organized by Department of State, US.
Regarding his journey of experience, he was a former Vice Chairman of ID-SIRTII (Indonesia Security Incident Response Team on Internet Infrastructure) under Ministry of Information and Communication Technology, Republic of Indonesia. He is also Co-Founder and Board Member of newly establishing institution, Id-CARE.UI (Indonesia Cybersecurity and Resilience Center, Universitas Indonesia) for developing capacity building and research in cybersecurity related field. Now, he is running a 5 (five) year project with JICA in Building Human Resources Development for Cyber Security Professionals in Indonesia and ASEAN region.
In term of establishing the professional certification program, he joins as Council Member and Professional Instructor for Cisco Networking Academy, CompTIA and EC-Council. He also actively involved in conducting and managing ICT Community Development for Bridging the Digital Divide and also Building Internet Security and Safety Awareness. He joins as member of IEEE Computer Society, ISSA, ISACA, ISOC, ACM, CSA and IACSIT. He also has lots of experiences during his previously roles in representing as a member of different regional and international forums and committees in information security area including APCERT, ANSAC, CAMP, FIRST and OIC-CERT, as well as actively participating and delivering speech in several conferences, workshops, trainings including information security, networks, ICT community development, professional education, industry and academic partnership.
Ts. Dr. Zahri Yunos is the Chief Operating Officer of CyberSecurity Malaysia, an agency under the Ministry of Communications and Multimedia Malaysia. Zahri is a central figure in establishment of the OIC Computer Emergency Response Team (OIC-CERT), a collaborative effort of cybersecurity initiatives amongst the OIC countries. Zahri holds a PhD in Information Security (Cyber Terrorism) from the Universiti Teknikal Malaysia Melaka (UTeM), Malaysia. Zahri is serving as a Board Member of UTeM and has been appointed as academic and industry adviser to several Higher Educational Institutions in Malaysia and abroad. Zahri has contributed various publications and presented papers on topics related to cybersecurity, business continuity management and cyber terrorism.
Having to evolve from a Information Security Penetration Tester in the United Arab Emirates Computer Emergency Response team in Telecommunication Regulatory Authority 2015, to Manager of Security Services of aeCERT in Telecommunication and Digital Regulatory Authority in 2021.
Mohammad Bushlaibi demonstrated his history of working in the telecommunications industry combining his hands on skills of security testing and knowledge transfer into his Security Awareness sessions.
His previous roles included having to conduct multiple penetration testing and more than 100+ Security Awareness Sessions in the UAE as well as representing the TDRA in multiple TV interviews with an aim to raise Information Security Awareness to Federal and Government entities in the UAE.
In 2018, Mohammad Bushlaibi scored a Radio Show in UAE Media Corporations co-hosting a program called (Your Technology) where it focuses on the latest trends in Technology by exploring new technology. Now he is having his own Radio Show of ( Living in a Digital World ). Mohammad is also the Content Creator of the Tech Social Media Account (Fudhooli) where he presents a variety of Technical Episodes that leverages to the public audience.
His current responsibilities and roles includes providing Security Services to all Federal Entities, ensuring that the privacy and cyber security of all National Entities are being protected, and finally protecting the IT Infrastructure in the UAE in Digital Government Scope from Cyber Threats.
Fatimah Alakeel is a cybersecurity advisor at NCA, leading the awareness activities of the Saudi CERT. Fatimah is an assistant professor at King Saud University, where she holds a position of the vice head of KSU training Center.
Outside of her work, she has several volunteering engagements with the society, one of them is CIAG, a non-profit organization focused on building capacity and raising awareness in cybersecurity. Fatimah had completed her PhD from University of Southampton, UK, in the area of secure software development. She also holds an MSc in Computer Science from DePaul University, USA.
Her areas of interest are: cybersecurity, privacy, data science, and software engineering. Moreover, Fatimah is a writer, a trainer, and a public speaker.
The main objective of this collaboration is to assist member countries to build cyber security capabilities and strengthen existing capacity through knowledge sharing and experiences. The international collaboration platform in Computer Emergency Response Team (CERT) will also result in economic value creation by being a platform to foster greater trust, long-term friendship and business cooperation among countries. Other than optimising the dissemination of cyber alerts, it would also provide a platform to exchange ideas and expertise and to promote joint development on measures to deal with large-scale cyber security incidents.
The objectives of OIC-CERT are:
To date, 21 OIC countries is a member of the OIC-CERT. In addition, other membership categories which are not limited to the OIC community are professional members and the commercial members.
In December 2012, the ITU Arab Regional Cyber Security Center (ITU-ARCC) is established by the International Telecommunication Union (ITU) and the Sultanate of Oman, represented by the Information Technology Authority with a vision of creating a safer and cooperative cybersecurity environment in the Arab Region and strengthening the role of ITU in building confidence and security in the use of information and communication technologies in the region.
The National Cybersecurity Authority (NCA) was established in 2017 by a Royal Decree. The NCA is the government entity in charge of cybersecurity in the Kingdom of Saudi Arabia and it serves as the national authority on its affairs. It has both regulatory and operational functions related to cybersecurity, and it works closely with public and private entities to improve the cybersecurity posture of the country in order to safeguard its vital interests, national security, critical infrastructures, high-priority sectors, government services and activities.
Event Secretariat:
The OIC-CERT Permanent Secretariat
CyberSecurity Malaysia (Malaysia),
An Agency Under Ministry of Communications and Multimedia Malaysia
Email: secretariat@oic-cert.org