Programme

Day 1 – Wednesday, 16 August 2017

08:30–09:15

Registration

09:15-09:30

Welcome address and Session chair:  Hein Venter 

09:30-10:00

Guest Speaker: Mark Heyink    

 Affiliation: Mark Heyink Information Attorney / Information Governance (Pty) Ltd

Topic:  “Cybercrimes and Cybersecurity Bill in Perspective”

Abstract: • Why are cybercrimes and cybersecurity in the same Bill? • What happened to a proper consultation process? • Why is the development of public/private partnerships ignored? • Where is the balance between privacy and security? A consideration of the Bill demands answers to these questions. The authoritarian approach taken by the Department of State Security and the JCPS Cluster is unacceptable in a democracy and threatens online freedoms.”

10:00-10:30

Guest Speaker: Manuel Corregedor                           

 Affiliation: Telspace Systems 

Topic: “Failing at Information Security”

Abstract: Organisations around the world invest a large amount of resources into Information Security controls yet they continue to get compromised.  In our talk, we will discuss the current threat landscape in order to highlight why organisations find it increasingly challenging to deal with the changing threat landscape.  We will also identify, through lessons learnt, why organisational Information Security controls are ineffective at addressing the vulnerabilities in people, process and technology.

10:30-11:00 

Tea

 

Session chair: Marianne Loock

11:00-12:00

Keynote address: Karen Renaud                       

Affiliation: University of Glasgow

Topic: Users Behave Insecurely; Why do they do that?

Abstract: The computer user is often referred to as "The Weakest Link" in the security chain. Security professionals and researchers have attempted to address this problem by bridging the knowledge gap with awareness drives and by disseminating information about precautionary and preventive actions to be taken. While such efforts are necessary they have not yet proven sufficient in terms of guaranteeing secure behaviour. There are a range of other explanations for people failing to take the secure option, either when using their own or their employers' devices and systems. In my talk I am going to review a range of explanations to reveal the surprising complexity of the answer to the simple question posed in the title.                                                            

12:00-12:15

Guest Speaker: Prof Rossouw von Solms        Affiliation: IFIP Technical Committee 11

Topic: IFIP information

12:15-12:30

Guest Speaker: Prof Alta van der Merwe         

 Affiliation: Founder and past chair of the South African IEEE SMCS Chapter 

Topic: IEEE information


12:30-13:30

Lunch 

 

Stream 1 – Critical Infrastructure Protection & Secure Network and Communication (Double Blind Peer Reviewed Papers)

Session Chair:  Adele da Veiga 

13:30-13:50

Analysis of Mozambican Websites: How do they protect their users?

Ambrosio Patricio Vumo, Stefan Köpsell and Josef Spillner

13:50-14:10

Investigating the Electromagnetic Leakage from a Raspberry Pi

Ibraheem Frieslaar and Barry Irwin

14:10-14:30

Design and Application of Link: A DSL for Frame Manipulation

Sean Pennefather and Barry Irwin

14:30-14:50

The Importance of Security Culture for Crowd Energy Systems

Mohammad Aldabbas, Stephanie Teufel and Bernd Teufel

14:50-15:20

Tea 

 

Stream 2 – Privacy (Double Blind Peer Reviewed Papers)

Session Chair:  Sean Pennefather TBC 

15:20-15:40

Big Data Science for Predicting Insurance Claims Fraud

David Kenyon and Jan Eloff

15:40-16:00

Organizational Information Privacy Strategy and the Impact of the PoPI Act

Marc Pelteret and Jacques Ophoff

16:00-16:20

Compliance with the Protection of Personal Information Act and consumer privacy expectations - A comparison between the retail and medical aid industry

Adele Da Veiga, Ruthea Vorster, Colin Pilkington and Hanifa Abdullah

16:20-16:40

Privacy and Security Framework for Consumer Health Wearables

Javan Mnjama, Barry Irwin and Greg Foster

18:00–20:00

Gala Dinner: Level Four restaurant at 54 on Bath

 

 

 *  Subject to change without notification

Day 2 – Thursday, 17 August 2017

08:30–09:15

Registration

09:15-09:30

Welcome address and Session Chair:  Jan Eloff TBC 

09:30-10:00

Guest Speaker: Johann van der Merwe            

Affiliation:  Director & Security Architect at Telic Consulting 

Topic:  Information Security   TBC

Abstract:  TBC

10:00-10:30

Guest Speaker: Haroon Meer TBC                      

 Affiliation:  The founder of Thinkst 

Topic:  Information Security  TBC

Abstract:  TBC

10:30-11:00 

Tea

 

Session chair: Marijke Coetzee

11:00-12:00

Keynote address: Dr Karen Renaud                 

Affiliation: University of Glasgow

Topic: The Responsibilization of Cyber Security

Abstract: Cyber-crime has mushroomed as governments in many countries have started to pursue a neo-liberalist agenda. The consequent responsibilisation of cyber security might well be contributing towards the success of cyber-attacks. There is a case to be made for sharing the responsibility between the individual citizen and the government, finding a more equitable distribution. The talk will draw lessons from the way society has learnt to manage other risks to make the case.

12:00-12:30

Guest Speaker: Professor Tana Pistorius        

 Affiliation: South African Research Chair in Law, Society and Technology, UNISA 

Topic:  Data protection, privacy and IP intersection OR IP piracy and cybersecurity

Abstract: TBC


12:30-13:30

Lunch

 

Stream 3 – Social Engineering, Access Control & Database Security (Double Blind Peer Reviewed Papers)

Session Chair:  Jacques Ophoff

13:30-13:50

Enriched Nudges Lead to Stronger Password Replacements

Karen Renaud and Verena Zimmermann

13:50-14:10

Underlying Finite State Machine for the Social Engineering Attack Detection Model

Francois Mouton, Alastair Nottingham, Louise Leenen and H.S Venter

14:10-14:30

Forensic attribution in NoSQL databases

Werner Hauger and Martin Olivier

14:30-14:50

Benchmarking a Mobile Implementation of the Social Engineering Prevention Training Tool

Francois Mouton, Marcel Teixeira and Thomas Meyer

14:50-15:20

Tea

 

Stream 4 – Trust & Intrusion detection (Double Blind Peer Reviewed Papers)

Session Chair: Francois Mouton TBC 

15:20-15:40

Towards the development of an effective intrusion detection model

Sarathiel Chaipa and Mariki Eloff

15:40-16:00

Evaluating the severity of trust to Identity-Management-as-a-Service(IdMaaS)

Nkosinathi Mpofu and Wynand van Staden

16:00

Best paper award