09:30 - 10:00
| Keynote: Cyber drills: A tool to develop a proactive and robust security posture or the importance of security simulations
|
10:00 - 11:30
|
Cyber drill experience sharing
Objective: Speakers shared their experiences in conducting cyber drills followed by an interactive discussion with the audience
Moderator: Marcus Adomey, AfricaCERT
|
11:30 - 12:00
| Coffee break and Team creation
|
12:00 - 13:30
| Scenario A: Website defacement
An adversary group performed a cyber-attack on a bank's website by carrying out unauthorized access and modification of the website of the organisation. The website of the company was defaced and one feature was deactivated but analysis showed that the source code of the website was not altered. The scope of this scenario consisted of finding out: how unauthorized access to the website could have happened, how the website could have been defaced, whether there is any vulnerability related to session/cookie which could have been exploited and how these vulnerabilities could have been addressed.
|
13:30 - 14:30
| Lunch break
|
14:30 - 16:00
|
Scenario B: DFS security cyber resilience toolkit
The DFS Cyber Resilience Toolkit facilitates DFS cyber resilience self-assessment and improves the overall digital financial services infrastructure posture by identifying vulnerabilities, assessing peripheral and internal defences, and designating attack scenarios. The toolkit addresses DFS entities, users, and actors that may be part of the telecommunication sector of the DFS ecosystem. Generally, the toolkit promotes a more structural preparation against malicious cyber operations, establishes best practices to fend off unauthorised access attempts, and suggests potential security measures that can be implemented to improve the cybersecurity maturity of the targeted entity. This exercise was designed as an interactive tabletop session, where participants were organized into six groups, each focusing on a distinct aspect of cyber security: Risk management, governance, testing, training & awareness, protection and incident response.
|
16:00 - 16:30
| Coffee break
|
16:30 - 18:00
| Scenario C: Phishing email and malware analysis
In this scenario, participants played the role of cybersecurity analysts tasked with analyzing a phishing email to gather information and identify potential vulnerabilities as well as investigating a suspicious document that may contain hidden malware with the goal of analysing the document to identify and understand the malicious payload.
|
18:00
|
Closing
-
Heung Youl Youm, Chair, ITU-T Study Group 17, Security | Professor, Department of Information Security Engineering, Soonchunhyang University, Korea (Rep. of)
-
Kwadwo Osafo-Maafo, Chair of ITU-T Study Group 17 Regional Group for Africa (SG17RG-AFR) |
Head of Cyber Security Division and Chief Information Security Officer (CISO), NCA, Ghana
- Xiaoya Yang, ITU-T Study Group 17 Counsellor
- Michael Bamwesigye, Head of IT & Security, Uganda Communications Commission (UCC)
|
