CySec
INTRODUCTION:
Silver Oak University IEEE Student Branch hosted an engaging event titled “Cysec” aimed at providing insights into critical cybersecurity topics. The event focused on the importance of email security and cloud computing, with expert speakers sharing their knowledge on phishing detection and securing workloads in cloud environments. This hands-on session offered practical guidance for participants keen to understand the modern cybersecurity landscape.
About Speakers :
The session were conducted by :
- Mr. Jigar Raval
- Mr. Ashay Doshi
- Mr. Nisarg Trivedi
- Mr. Jeel Vekariya
About the Session :
Date : 5th September, 2024.
Time : 10:30 am to 1:00 pm
Venue : Cybersecurity Lab, EB block, Silver Oak University
Session 1:
Decoding Email Security and Phishing
The first session, led by Mr. Jigar Raval, began with a soulful Saraswati Vandana to set a reflective tone for the day. Following a memento presentation to acknowledge his contribution, Mr. Raval dived into the intricate details of email headers and phishing, offering a comprehensive breakdown of how phishing attacks are crafted to deceive unsuspecting recipients. His in-depth analysis explained how attackers manipulate email headers to conceal their malicious intent and lure victims into compromising their security.
He then went on to highlight the three fundamental pillars of cybersecurity - people, process, and technology, emphasizing the crucial role each plays in fortifying an organization’s defense against cyber threats. Using real-life incidents, such as a widely reported cyber-attack on Adar Poonawala, Mr. Raval showcased the growing dangers of cybercrime, backed by alarming statistics that underscored the urgency of implementing robust security measures.
Moreover, Mr. Raval introduced the cybersecurity kill chain, explaining the stages of an attack and how adversaries exploit vulnerabilities. He emphasized how organizations can strengthen their defenses to prevent such attacks. The session also covered the cyber forensic process, where Mr. Raval explained how digital evidence is collected and analyzed after a breach. His live demonstration on email forensics captivated the audience, showing how email systems operate and how email architecture helps trace attacks. The session concluded with a discussion on the importance of timely cyber incident reporting to minimize damage.
Session 2:
Navigating Cloud Security
The baton was then passed to Mr. Ashay Doshi, who carried the momentum forward with an engaging session on the intricate world of cloud security. His presentation broke down complex cloud concepts into digestible insights. He began by breaking down the complexities of cloud computing, clarifying the distinctions between the three main service models - SaaS, PaaS, and IaaS.
Through his engaging presentation, he offered participants a clear understanding of how each model fits into different business contexts, while emphasizing the rapid growth of the global cloud security market. As more organizations migrate their operations to the cloud, Mr. Doshi stressed the importance of implementing strong security measures to address the risks associated with cloud environments.
Mr. Doshi explained the shared responsibility model in cloud security, emphasizing the roles of both providers and users in securing data. He addressed key risks like data breaches and offered solutions such as encryption, identity management, and incident response. He also stressed the importance of governance and compliance. Through live demonstrations, he made securing AWS workloads easy to grasp. The session concluded with a memento presentation to Mr. Doshi in appreciation of his valuable insights.
Day2
Session 1 by Mr. Nisarg Trivedi titled “Unmasking Threats”
A dynamic session held by Mr. Nisarg Trivedi, Co-founder and CTO of “Securis 360”, where he shared his valuable insights on Unmasking Threats. The session began with the discussion on network security and scanning where attendees learned different kinds of tools which are commonly used in the industry.
Mr. Trivedi demonstrated many such tools like “Angry IP Scanner”, “Zenmap”, “wireshark” which are used by cybersecurity personnel to scan their devices and protect their devices for any data loss or theft. A hands- on practical was also done on virtual machines on SQL Injection and XSS Injection.A guidance on how this tool helps hackers and cybersecurity personnel to attack and defend their devices were also given
At last the session concluded with engaging Q&A and an interactive quiz on cybersecurity, based on the session where the students' active participation tells the success of the event.
Session 2 by Mr. Jeel Vekariya on “Unlocking secrets of dark web”
The discussion takes a deep dive into the hidden aspects of the Deep web and Dark web. Mr. Jeel provided a brief introduction on this tricky section of the internet highlighting their difference from the surface web and what the risks are involved in accessing this section.
Throughout the session many myths and realities were addressed and clarified. Mr. jeel explained how and why these browsers are being used for legitimate and illegitimate purposes. Attendees also get insights on how to access this section with precautionary measures and were also warned about hacking activities that might happen if proper care is not taken.
Many real world incidents of cyber frauds and scam were also discussed. He also explained how criminals exploit people by fake calls and messages. Later he also discussed how this exploitation is performed. At last he guided us on what are the reasons we get exploited and how we can safeguard ourselves by taking precautions.
Conclusion:
The Cysec event was a resounding success, delivering crucial knowledge on the pressing issue of cybersecurity. Both speakers showcased their expertise with practical examples, and the live demonstrations brought the theories to life, making the event not only informative but also highly engaging. Attendees left with a deeper understanding of cyber threats and how to tackle them head-on, armed with knowledge about email forensics, the cybersecurity kill chain, and the pivotal role of cloud security in the modern era.