The strategic initiative of KSA’s Vision 2030 has the Cybersecurity area as one of the leading topics. This will require a workforce to support the information technology infrastructure in the K.S.A. Currently, there is a lack of local professionals in this field. Furthermore, there is a great interest among citizens to learn about it and get involved in Cybersecurity in all levels.
This comprehensive and practical three (3) weeks bootcamp introduces its participants to the notions of common and important problems of today’s digital and computing world towards in terms of security. As such, it describes basic cybersecurity principles of today. It describes and analyzes among others, e-mail frauds, surfing security, ransomware, adware, etc., and gives hands-on experience on cybersecurity issues, such as password protection techniques, network attacks avoidance and countermeasures, access control, firewalls, and modern cryptography applications and notions.
The bootcamp presents all the up-to-date internet-based threats and security measures using practical demonstrations and examples. Participants will be given the opportunity to apply all the material of the course using a lab environment and get a hands-on experience in various cybersecurity topics.
At the end of the workshop, participants will have a better understanding of the modern cybersecurity threats, the measures of avoiding several “dangerous” habits and uses of today’s home & business IT infrastructure, create strong, easy-to-remember passwords and avoid being victims of fraud(s) or attacks on the internet. Finally, the participants will get some real hands-on experience through real examples on internet and modern working environment cyber threats.
This workshop is an excellent opportunity for fresh high-school graduates who want to have some basic knowledge on cybersecurity. For example, they will learn how to effectively manage their passwords, and what to avoid and/or be careful on today’s computers and safe internet usage.
The target group are young people working with IT infrastructure and modern computers, with some theoretical background or basic IT knowledge and/or experience, without necessarily a strong IT background. People with any kind of involvement with modern computers are welcome. Also advanced users will find out some solid techniques and practices very useful.
Weekly Program Outline
The workshop is delivered though lectures, class discussions, individual and group case studies, practical usage of software and network tools, and assessment. The topics to be covered include the following:
Week 1: Introduction to Cybersecurity
Case studies (Stuxnet)
C.I.A. - Data States - Safeguards
Malicious code (viruses, worms, trojan horses)
Ransomware - Adware - Spam
Social Engineering (The case of Kevin Mitnick)
Practical examples and demonstrations
Free vs Paid Antivirus survey
Firewall (Turn it on/off?)
Anti-spyware (Do I need one?)
What is a VPN
Week 2: Network Security
Security in Network Design
Stateful - Deep Packet Inspection
Intrusion Detection Systems
Network Intrusion Detection
Practical usage of Wireshark
Length - Complexity - Memorizing techniques
Practical usage - John the Ripper
RAID - Five nines - Disaster Recovery - Business Continuity
Week 3: Internet Attacks & Basic Cryptography
XSS, SQLi, CSRF
Practical demonstration of keyloggers
Basic Assumptions - Kirchhoff’s principle
Friends & Enemies (Bob - Alice - Trudy)
Taxonomy (Symmetric, Asymmetric, Hash Functions)
Practical Cryptanalysis: Substitution Cipher
Hash Functions applications
Public key applications
What is https?
Secure internet surfing
Note: Examples and Exercises will use virtualized environments that will not endanger individual property and will not cause any harm.
Be able to communicate in reading/writing of business English
Be familiar with today’s basic ICT infrastructure (browse the internet, send e-mails, create/open/work on a document, etc.)
Programming skills are not essential
Participants are strongly encouraged to bring their own laptop during classes. If they cannot do that, classes will be conducted in a computer lab.
Learning goalsAt the completion of this bootcamp, participants will gain the ability to avoid several “classical” computer interaction mistakes, learn how to effectively use antivirus, antispyware software and firewalls and secure web sites (https). They will also learn how to create effective memorable passwords. The goals include:
Learn about the modern computer security notions
Learn the basic cybersecurity terminology
Learn about social engineering techniques
Learn about Scam and how to distinguish it
Learn about viruses and other online threats
Learn about mail fraud
Learn what “Phishing” is and how to avoid it
Learn about HTTPS Internet Security
Learn about SSL and when it is absolutely necessary
Learn how to create and maintain strong, usable, easy to remember passwords
Learn about the above through practical examples
Security Aid Toolbox
Participants will take home a Security Aid Box. The Aid box is a collection of several check lists, forms, graphs, printed material, etc., along with several software tools. This Aid box will be used extensively during the bootcamp to give participants enough practice during the practical sessions.
This workshop is an excellent opportunity for everyday IT users to get a detailed and concrete knowledge of good practices regarding cybersecurity, avoiding everyday traps on the internet, and understand some basic notions about various attacks like viruses and worms and basic countermeasures, network attacks, cryptography, and password management.
Dr. George Violettas, Ph.D. in Internet of Things (IoT) & Security of IoT
Senior students from Alfaisal University, Software Engineering program