Wednesday, February 11, 2009
"SecOpenDay2009: Cyber terrorism and security" conference was held
It was my first time attending a conference on IT security in Mongolia which I did not take part in organization of it since 2006.
This time fellows at ICTA, MonCIRT, General intelligence agency etc did a good job on organizing it. It could be improved though.
In the morning session they laid out fundamental theories so that the audience experience and knowledge gaps lowered. When I walked into the conference hall, MP Z.Enkhbold (His previous blog is here)was almost done with his speech on "Info sec policies of the state". It was followed by presentations: "Trends in state info sec, threats, countermeasures " by Mr. Baatarkhuyag from State communications bureau, "Network security: Threats, attacks, exploits" by Mr. T.Khaltar MonCIRT NGO, "Banking and finance security, threats, vulnerabilities, attacks, hands on countermeasures" by IT division head of MongolBank Mr. D.Dovchinbazar, "Cyber terrorism" by ICTA senior speacialist G.Nyamdorj, and a brief presentation on "Encryption techniques" by someone I didn't catch his name. All in all, they were talking the same stuff others were talking in 2006. They knew the need for regulations, legal environment and lack of them. Everybody knows what needs to be done, lots of plans but no progress which can be signified. Come on, everybody needs a result after 4+ years of discussion. We want action, not changing faces and same old stuff to be spoken of. Where are the laws passed, they were promising them to be discussed at parliament in their next session in Feb of 2006? I thought of leaving the conference early, feeling little upset, but couple titles on agenda of afternoon session made me stay.
Afternoon session proved I made a good decision as guys with years of hands-on experience under their belt started to picture real life situations, cases, statistics. Oyunbold from largest ISP Magicnet started with his impromptu presentation on "Internet environment security, threats, attack, countermeasures", it was interesting topic and he could've improved the presentation if he was notified by his boss little earlier about the event I guess. "Computer incident response team's operaration and guidelines" by Mr. U.Esbold MonCIRT, "*nix OS's in Information systems as a security providers" by Mr. B.Munkhbayar Ceo of USI LLC and Advisor to Parliament, "Major concerns in Infosec" by N.Baasandorj from MonCIRT, "Re-engineering, VoidMan virus comprehensive analysis" by Ch. Erdenebat, MUST: CSMS were EDUTAINMENT as people say today. They made me think of spending my time, and sitting in that conference hall was worth it.
Mr. U.Esbold promised to put up the presentations for the conference on their NGO website, but at this moment theirn NGO site is being upgraded with renewed design etc. and down. After few days you should check up www.moncirt.org.mn for the presentations.
Edit: Forgot to include the painful experience of sitting through last presentation by a lady from Defence University of Mongolia on "Measurement of effects on computer network by DoS". I think she was a student, or someone doesn't appear in front of public much. I didn't quite catch what was the aim, proof, methods used. Probably I need to take up a reading on the topic, but it was awful to be honest. I felt like I was made to sit on one legged stool for 15 minutes.
Also the guy I don't recall his name demonstrated an encryption/decryption application, which was probably an off the internet code compilation, nothing to brag about - somehow he decided to show it off.