Cybersecurity in UAE: more education, less speculation
According to a promotional video for the inaugural OPCDE (Operational Code) conference, 75 percent of all legitimate websites have unpatched vulnerabilities.
With the stakes that high, the last few days were a special opportunity to study what is going wrong and gather renowned cybersecurity experts from around the world and MENA region.
Held at both Dubai Future Accelerators and 1776 Dubai in their respective spaces at Emirates Towers, the conference was organized by Comae Technologies founder Matt Suiche, a longtime hacker-turned-entrepreneur from France who is now based in Dubai.
Suiche, whose pre-Comae days included cofounding Cloudvolumes before selling it to California-based cloud industry leader VMware and joining their team, doesn’t like how certain trends in the tech industry continue to persist. One of them is the ambiance that dominates mainstream conferences featuring IT vendors: sales presentations galore instead of sharing knowledge in a community-centric environment. Another is the heavy focus on fundraising that is prevalent at weekend hackathons: he said the startup community should re-focus on actual useful products to market rather than investing energy in areas like discussing stock options and VC before actually creating a legitimate product with results.
“When people talk to you about stock options at hackathons, it is a big distraction. Instead of having 14-year old kids learn about tech and software engineering, they are being poisoned by talk of equity and VC,” said Suiche.
Focusing on community, Suiche kept his own presentation about recent cyber attacks to a few minutes and then gave the floor to other speakers to deliver sales pitch-free, interactive talks on a wide range of cybersecurity topics.
They discussed everything from hardware to project management to the frequency of software software bugs. “The focus was on content and value: purely technical talks with no vendors or sponsors onstage,” said Suiche.
Spotlight on MENA
OPCDE was also an opportunity to share knowledge gained by cybersecurity specialists from the MENA region and nurture the next generation. The latter was achieved thanks to the onstage presence of engineers from two of MENA’s growing tech hubs - Egypt and Lebanon - and a CTF (Capture The Flag) contest free for students to participate in along with a free roundtable where they could ask OPCDE speakers any questions they had about the industry. Several of the winners of CTF included Emirati nationals.
OPCDE slides + materials will be continuously uploaded on our GitHub repository. https://t.co/pqeOC2Yv3w— OPCDE_ 2017 (@opcde) April 26, 2017
Abdul-Aziz Hariri, a native of Lebanon who now works as a security researcher for Trend Micro in Montreal, is now traveling in MENA to share his insights on cybersecurity. He will also be speaking at Turkey’s Nopcon Security Conference on May 11. He credited his early education in Lebanon for the passion it gave him to pursue his calling: tracking down potentially harmful software issues and keeping people safe from cyber-attacks.
“I have been in cybersecurity since 2005. Finding zero-days, which is the term used for bugs in software that aren’t patched yet and are unknown to the vendor, was a hobby that I turned into a career starting with freelance bug-hunting and my first job in Lebanon.”
Hariri, whose story was the subject of a 2012 Wired magazine piece called ‘Portrait of a Full-Time Bug Hunter’, advised Wamda readers to make sure their software patches are updated in order to prevent the possibility of being targeted by hackers.
Egypt’s own Mohamed Saher, a security researcher who now serves as VP of Advanced Research at NSS Labs in Austin, Texas, was another speaker who praised his early education for shaping him.
“I started computer programming when I was eight-years-old: I picked it up very fast in Cairo at programming classes. I started evolving from one language to language until I found out about virus writing. I try to find patterns and understand how the human mind works: behavior analysis through reverse engineering,” said Saher.
He added that something that is important to him is sharing what he has learned with the next generation of Egyptian engineers back home.“Students and fellow security researchers from Egypt reach out via email to ask me questions: I like to help them out and and I believe that knowledge should be free. I also interact with many open-source projects: I test them out and give feedback through online forums.”