Shakticon Conference started at 8:00 am on April 9 with a keynote from Marion Marschalek (Founder of BlackHoodie, a company that empowers women to build careers in cybersecurity and organize workshops and conferences for women). She said Shakticon is a much bigger event than hers. The next keynote followed by Rinki Sethi (VP and Chief Information Security Officer at Twitter Inc.). She talked about the challenges she faced during her journey in cybersecurity, as a woman.
The inaugural started at 9:30 am with an introduction of speakers by Dr. Krishnashree Achuthan (Dean, PG Programs at Amrita Vishwa Vidyapeetham). Eric Falt (UNESCO Director for Bhutan, India, Maldives and Srilanka) and Meenakshi Lekhi (MP from New Delhi) were the chief guests at the event. Falt stressed the importance of more women entering security field and Lekhi talked about gender exploitation at work and how cybercriminals exploit women. Lekhi’s speech was followed by a benedictory address by Swamini Krishnamrita Prana, who spoke about leading a simple lifestyle and how that brings true happiness in one’s life citing examples from her travels with amma. This was followed by a vote of thanks by Sreepriya Chalakkal (Organizer for Shakticon).
The next session started with Sanju Mishra, explaining how she rose from non-biology background to becoming the VP and security head of a pharmaceutical company, from humble beginnings. She stressed the importance of education and utilizing one’s networking skills. Another keynote session followed, from Ratnaboli Ghorai Dinda (Deputy Director General (Scientist-G), at National Informatics Centre). She talked about basic types of protection and went on to describe the security architecture, components, and models.
After the lunch break, a session on Bluetooth Security, describing different aspects of Bluetooth such as pairing and attacks on Bluetooth systems was done by Renu D. S. from Schneider Electric. She also described working on Bluetooth Low Energy (BLE) and its importance in securing current-day devices. This was followed by a talk on the current research roadmap by Dr. Krishnashree Achuthan, who talked about the various research collaborations and future plans of the center, CTFs organized and the ranking of the university. Dr. Anindita Banerjee (Quantum Research Head and VP of QuNu Labs Pvt Ltd.) followed, with a talk on basic cryptography, quantum cryptography, quantum key distribution and hardware and software approach to quantum cryptography. This session was followed by a talk on cybersecurity in the OT environment by Luisa Montealegre (OT cybersecurity specialist from Siemens). She spoke about her career change from being a mechanical engineer into a cybersecurity specialist after developing a personal interest and getting an additional degree in the area. She spoke about OT, differences between IT and OT, how to improve OT by automation, knowing the risks and taking the right measures.
The evening session started with a talk on internet drone security by Mehrnoosh Monshizadeh from Nokia Bell Labs. She started with drones and UAVs and went on to discuss 4G and 5G security on drones, with IDS, data mining systems, anomaly detection in drones, protocols used, robots used in controlling drones and the security involved. This was followed by a talk on machine learning for security by Bhavna Soman from Microsoft defender research. She spoke about how ML helps with cybersecurity with basics on ML to curve fitting, getting the right dataset and made the participants build a model, interactively. The last session of the day was from Dr. Sung Lee of VMWare, on threat modeling. She spoke about threat modeling definitions, characteristics, processes, tools, and automation in threat modeling.
The second day of the conference started with a talk by Priti Shrivastav (General Manager of Software Security at Intel Corporation) who discussed secure software development lifecycle as a pragmatic approach to software security. Next was a motivational talk by Asha Poluru on achieving professional excellence followed by a talk by Sabna Sainudeen on career paths in cybersecurity. This was followed by a session by Dr.Tiffany Bao (Arizona State University) on CTFs and cybersecurity research where she explained how CTFs are conducted, DEFCON, and cyber grand challenge where a CTF was conducted purely with machines with no human involvement. She also explained her insights on future CTFs. Next was a talk on cyber event management by Liora Itkin (Israel Ministry of Defense), who talked about the difficulties on malware forensics and integration of cyber incident and event management with operations.
The next event was a panel discussion, moderated by Dr. Krishnashree and had participation from Anyesh Roy (IPS from Delhi Cyber Crime branch), Liora Itkin (Israel Ministry of Defense), Dr. Dave Chatterjee (University of Georgia) and Evelyn Kilel (Co-founder of SheHacksKe). On a question about cybercrimes, the need for educating people and raising awareness was suggested as common solutions. Improvising APIs by training staff and analyzing the technique used by attackers was another suggestion. On the next topic on the cyber pandemic, insider threats even after an employee is fired from an organization and general observations from experience on attacker behavior were discussed. Generally, the attackers don’t change their malware. They only change their mode of attack. Sometimes in a large organization, multiple incidents happen before an action is done even on the first incident. This concluded the morning session.
The afternoon session started with a talk about a software supply chain attack by Komal Armarkar from Crowdstrike. She talked about the attack types and what gets compromised, impact and mitigation. This was followed by a talk on secure software development by Arya M. Shankar who explained different stages of a software development cycle and how security can be implemented at each stage. This concluded the afternoon session.
The evening session started with a talk by Dr. Mina Sheikhalishahi (Eindhoven Technical University), on privacy-preserving data analysis. She talked about sensitive information and how data can be analyzed, keeping privacy, using adversarial ML, multi-party access control, policy conflicts and protocols. The last session of the day was by Dr. Indrakshi Ray (Colorado State University) on the security of embedded networks in heavy vehicles such as trucks. She explained some protocols used in heavy vehicles and described her research in the area using a testbed.
The last day started with a talk on Fuzzing by Dr. Allison Marie Naaktgeboren (Portland State University). She discussed AFL and the different parties involved in fuzzing. This was followed by a talk on Authenticated Encryption by Dr. Lakshmi (Amrita Vishwa Vidyapeetham, Coimbatore campus). Next was a talk by Dr. Amritha P. P. (Amrita Vishwa Vidyapeetham, Coimbatore campus) on Covert Delivery Mechanisms. She covered steganography, digital watermarking and software obfuscation. This was followed by an interactive session with Dr. Neeta Verma (Director General, National Informatics Center) and Sundari Nanda (Chief Vigilance Officer of Delhi Police). Dr. Krishnashree moderated the session. The discussion focused on cybercrimes where most children are the victims. Nanda reminisced the first cybercrime in India, which was on credit cards and the training conducted for cyber cell officers, which was in line with the experiences shared by Ms. Liora Itkin from Israel. Next was a talk by Karine Ben (Simhon VP, Citi, Israel) about the power of collaboration on preventing cyber attacks together. She talked about the cyber warfare daunting the world and the actors behind it, some recent cyber-attacks like wanna cry and discussed the problems with jurisdiction and necessity for collaboration. This was followed by a keynote address by Rema Vedasree (CEO of Data Security Council in India), who talked about the current issues with the covid pandemic and types of cyber products in demand. She also discussed the technology trends and drivers giving an overview of the Indian cybersecurity landscape, detailing the technology areas where there is an increase in requirements and the type of jobs in demand. This was followed by a talk on secure software by Sarvajeet Kaur of DRDO, who talked about the shift from system harming humans to humans harming systems. The talk went ahead on secure coding, testing and AI systems and how the government deals with AI challenges, highlighting European countries, Singapore, and India scenarios.
VP & CISO, Twitter
Security Architect, VMware
CISO, Linde
Security Researcher, TU/e
Ph.D Student, PSU
ML Security Researcher, Microsoft