The Minister of e-Governance Opened the First in Bulgaria International Conference on the Cyber Security, Part of BSIDES Series, at the UNWE
You are viewing photos from The Minister of e-Governance Opened the First in Bulgaria International Conference on the Cyber Security, Part of BSIDES Series, at the UNWE
Special guest for the Conference was the Minister of e-Governance Bozhidar Bozhanov who discussed with the Rector of UNWE Prof. Dimitar Dimitrov the security in the state cyber space and the opportunities for cooperation with the UNWE two days ago.
"I rely a lot on the Network and Information Security Directorate at the Ministry. There are many competent and trained people there but more specialists are also needed. For the responsibilities and powers of the Ministry of e-Governance people are also needed. The problem exists not only in the public but also in the private sector", said Minister Bozhanov at the opening of the Forum and added: "unfortunately, we, who understand the details of this matter are a few and that`s why in the medium and long-term policy of the Ministry we have set to increase the capacity through education. We need well-trained people to guard the public systems as well".
On the first day of the Conference the reports and the discussions set in the Conference programme were in thematic areas related to the Internet vulnerability, enhancing the security of information systems and the best practices in cyber security.
In the first lecture on the Vulnerabiltiy Full Disclosure Miglen Evlogiev explained what is vulnerability and revealed the responsible vulnerability detection. He emphasized that all the implemented projects have a vulnerability that may be an open problem or one that will become visible in the future. He gave advices and examples of good practice. Evlogiev pointed out that if there are enough ethical hackers who monitor for incidents there will have fewer problems as for him it is important to be built a healthy society. He gave an example of ethical hacking with the case of the training platform Shkolo.bg and the discovery of a security problem by the pupil Stoyan Kolev from the Vocational High School of Computer Programming and Innovation in Burgas.
The Executive Director of the platform Lyubomir Vanyov talked about the case in details and recommended to think about the information security as the health. Stoyan Kolev himself gave more details on how he had discovered the problem.
The Executive Director of the platform Lyubomir Vanyov talked about the case in details and recommended to think about the information security as the health. Stoyan Kolev himself gave more details on how he had discovered the problem.
Vladimir Dimitrov, cyber crimes investigator at the Directorate General for Fight against Organized Crime, reminded the most common frauds in cyber space, such as IBAN switching, investment and love fraud, child pornography, intellectual property theft. He considers the Botnet networks that infect computers as a very big problem. Dimitrov outlined that a large part of the work of the Directorate General for Fight against Organized Crime is focused on the prevention. He specified that the law is strict towards such crimes and new additions are forthcoming for increasing penalties. Dimitrov warned "to be careful with ethical hacking, an important point is when the hacker will stop his activity - his interference, it is also important what is his goal. The line is thin and there is still no legal framework for ethical hacking".
In the second report Tsvetomir Balevsky presented the Application Security into DevOps.
Charge My Car for Free Forever was the topic of the report by Vangelis Stykas. He focused on the electric vehicles which are provisioned to become major vehicles by 2030. He talked about what does API do in the area of cyber security, the cloud infrastructure development and the related cloud cyber attacks and he emphasized on the security stages against such type of cyber-attacks. The lecturer also examined the possibilities of charging vehicles through a cloud system but outlined that actually it increases the risk of cyber-attacks.
In the fourth lecture Martin Stoyanov and Spas Genov explained what is Front-end Security. They pointed out some misconceptions and with short demos presented three vulnerabilities with an analysis of what they lead to, how they can be prevented and how to provide protection. They also explained What is Cross-sideSkripting, what is its impact and did demos on how to prevent it. They also examined various bugs.
The next presentation delivered by Anton Tsankov was about Securing Kubernetes with Open Policy Agent. The presenter explained how and why to use Kubernetes and what are the cons.
Radoslav Gerganov's presentation was on the Decrypting IPTV. He presented the IPTV service, the advantage of broadcasting TV programmes via the Internet. The lecturer clarified what IPTV services are offered in Bulgaria paying attention to what is the security model and what the IPTV providers use.
In his presentation Daniel Rankov examined the Common Security Pitfalls in AWS Public Cloud for Highly Regulated Industries. He talked about what the public cloud providers offer and when using them: where ends the responsibility by the provider, where begins the responsibility by the user and who will be audited. Rankov also paid attention to the security in public environments. He also explained what services should be used for protection. Last but not least, the lecturer pointed out that the public provider helps with off-the-shelf architectures.
Radostina Kondakova and Yordan Popov presented the topic Where and How to Implement Security in Softwere Development. R. Kondakova drew attention to the fact that even if the company does not have a security specialist everyone in the team is obliged to secure it and emphasized that the prevention is very important. She shared the working principles and one of them says that there is no 100% security. She examined in details the design of Security in Software Development and why to use Threat Modelling.
Radostina Kondakova and Yordan Popov presented the topic Where and How to Implement Security in Softwere Development. R. Kondakova drew attention to the fact that even if the company does not have a security specialist everyone in the team is obliged to secure it and emphasized that the prevention is very important. She shared the working principles and one of them says that there is no 100% security. She examined in details the design of Security in Software Development and why to use Threat Modelling.
Kristian Mladenov talked about the Active Directory Reconnaissance /Red Team Exercise in Finding Hidden AD Relationships/. He explained what the Bloodhound tool is and how to install it. He pointed out its benefits and what value can be derived from this tool. Mladenov also presented a list of protections.
He explained what Malware is for and how to “pick it up”.
The last lecturer Ognian Chikov presented A survey of Blockchain Consensus Algorithms and Attacks. He clarified what the blockchain network is and the consensus algorithms that set rules for operating.
The last lecturer Ognian Chikov presented A survey of Blockchain Consensus Algorithms and Attacks. He clarified what the blockchain network is and the consensus algorithms that set rules for operating.
The last lecturer Ognian Chikov presented A survey of Blockchain Consensus Algorithms and Attacks. He clarified what the blockchain network is and the consensus algorithms that set rules for operating.
The last lecturer Ognian Chikov presented A survey of Blockchain Consensus Algorithms and Attacks. He clarified what the blockchain network is and the consensus algorithms that set rules for operating.
