Talk 1: 1900Hrs - 1945Hrs

Talk Title: Cyber Risk Quantification: Let’s talk cyber risk

Cybersecurity have been growing in importance and frequently play a key role in organisations in this day and age. With the recent growth of cyber threats and implementation of new cybersecurity laws, the possibility and consequences of exploited cyber risks have increased exponentially as well. As cybersecurity specialists, how can we translate such costs and the benefits of new security controls into something that can be universally understood across the organisation? In this talk, Debbie will be giving a brief introduction into quantifying cyber risks and discuss how we, as cybersecurity specialists, can help our organisations make smarter cybersecurity investments.

Speaker

Debbie is a final year undergraduate student at NUS, majoring in Information Security. She previously graduated from Nanyang Polytechnic with a Diploma in Cyber Security and Forensics. As part of her roles as CISO summer intern at UBS, Debbie contributed to a white paper on Cyber Risk Quantification.


Talk 2: 1945Hrs - 2030Hrs

Talk Title: Static code analysis with Semgrep

Static code analysis is a powerful tool in finding bugs in code. In this talk, we will show off the power of Semgrep, an open source static analysis tools, in matching complicated code patterns. The talk will demonstrate the power of the hundreds of community contributed Semgrep rules, provide a brief tutorial on writing custom Semgrep rules tailored to a code base, and discuss the various use cases where Semgrep can make a difference.

Speaker

Terry is a security consultant at Centurion Information Security. He enjoys reverse engineering and fuzzing applications in his spare time.