Hands on security

Security awareness was high on the agenda at the SANS (SysAdmin, Audit, Network, Security institute) seminar, which took place last month in Dubai.

  • E-Mail
By  Simon Duddy Published  December 22, 2004

|~|bob-sans_m.jpg|~|“The first thing we try to do in the courses is make people aware of the consequences of some of their business decisions. It is impossible to run a business without being connected [to the internet] but to simply connect and not recognise the risk, which many companies are unfortunately doing, is dangerous.” - Bob Hillery, senior security consultant with SANS|~|Security awareness was high on the agenda at the SANS (SysAdmin, Audit, Network, Security institute) seminar, which took place last month in Dubai. The course was carried out by SANS consultants in conjunction with regional security training firms Al-Elm Information Security and TechZone. The course had two tracks, one concentrating on security essentials and geared towards non-IT management staff who want a heads-up on security, as well as more in-depth technical training that focused on security auditing. The primary goal of the course is to remind students that security is an important consideration for their enterprise. “The first thing we try to do in the courses is make people aware of the consequences of some of their business decisions,” says Bob Hillery, senior security consultant with SANS. “It is impossible to run a business without being connected [to the internet] but to simply connect and not recognise the risk, which many companies are unfortunately doing, is dangerous,” he adds. Shockingly, Hillery claims that 75% of the wireless networks detected by the SANS team during its week long stay were unencrypted and unprotected. “Some were in universities and financial institutions. A financial house allowing people to read their internal mail would be a bad idea,” says Hillery. Hillery however, was quick to emphasise that the Middle East is not lagging behind the rest of the world in terms of security. “Managers across international borders are not thinking about security, no one region or another is doing it well or badly. The onus is on individual businesses to decide whether IT security is simply a cost or a business enabler,” he says. The course focused on practical issues as well as security theory with Hillery encouraging the students to familiarise themselves with hacking tools and techniques. “I have attended many security conferences before but SANS have the hands-on training,” says Gehad Mohammed Al-Bendary, IT risk manager, Kuwait finance house. “They have the real world experience that can help us with our business. We get tools and can apply our ideas outside the classroom,” he adds. The course covered a wide range of security issues from combating viruses and worms to ensuring effective security audits. “We treat information as one of more valuable assets,” says Ameen Najm, assistant general manager, O&T Communications at Saudi bank Samba. “Once you start opening your doors to global users and providing services on the internet, you have vulnerabilities. We are here to help bolster the security of our information and also better understand auditing, so we can check the solutions that we decide to implement,” he adds. This is the first SANS conference held in Dubai with Al Elm partnering with TechZone to make it happen. SANS has been working with regional partner Al Elm for some time and the Saudi-based trainer decided to take this course from its heartland in the Kingdom to give it a more regional flavour. “In September 2003, we held a seminar in Saudi and we realised that it would be of value to hold an event for the region as a whole,” says Salman Ashraf, professional services executive, Al Elm Information Security. “So we organised this session in Dubai, as it is easier for people to travel here. We have 35 students here from seven countries and representing vertical industry sectors such as finance, oil & gas, telecoms and government,” he adds. Techzone managing partner Mohammed Haleem adds that the quality of students was paramount in the venture with the emphasis on knowledge transfer. “We geared the course very carefully towards companies and students we felt would take the maximum possible from it, given its demanding technical content,” he says.||**||

Add a Comment

Your display name This field is mandatory

Your e-mail address This field is mandatory (Your e-mail address won't be published)

Security code