Cybersecurity Awareness Meetup 2019

October is the official Cybersecurity Awareness Month, both in Europe and the US, this year.

ECSM is the EU's annual awareness campaign that takes place each October across Europe. The aim is to raise awareness of cyber security threats, promote cyber security among citizens and organizations; and provide resources to protect themselves online, through education and sharing of good practices.

Surely, Hamburg will participate and run the Hamburg Cybersecurity Awareness Meetup 2019 as part of the ECSM campaign as a one-time event taking place in Hamburg on[masked].

The Meetup is a casual after-work event with two rather non-technical talks about Social Engineering and Open Source Intelligence (OSINT).
(Read: also non-IT experts are welcome!)

==================
Agenda:
==================

18:00 Get Together

18:15 Welcome
Daniel Hanelt / Carsten Buchberger of SportAlliance (venue sponsor)

18:30 "Pineapples and bunnies are not as harmless as you may think"
Annybell Villarroel

19:15 Break & Networking

19:30 "User Profiling through Open Source Intelligence (OSINT)"
Mathias Conradt

20:15 Break & Networking

Drinks and food will be provided.

==================
Talks
==================

Talk 1:

"Pineapples and bunnies are not as harmless as you may think"
Annybell Villarroel

People are one of the biggest risk in cybersecurity but I believe that they are also the biggest, and most important defense. A key element to turning people into cybersecurity heroes is security awareness, so let's talk about how to achieve this through social engineering attacks using the Bash Bunny, for USB attacks, and the WiFi pineapple! There will be demos.

Annybell Villarroel works as a Security Awareness Manager at Auth0 in Madrid, Spain. She also leads Women in Security (WoSEC) Madrid. Her goal is to build and maintain an engaging, and fully customized security culture & awareness program that helps foster a strong security mindset.

Talk 2:

"User Profiling through Open Source Intelligence (OSINT)"
Mathias Conradt

When we as consumers log on to an online service with just using a single piece of information like an email address, phone number, username or via Social provider such as Facebook/Google/Twitter, what kind of information can actually be derived from that in order for somebody to run some user profiling on us?
The recon work based on openly available information out on the internet is called Open Source Intelligence (or short: OSINT) and is especially useful to marketing departments for targeted marketing activities. It allows to put together a more comprehensive user profile based on an initial single factor.
There are a few resources and popular books on OSINT out there, however, they are unfortunately either outdated or extremely US focused and don't apply to the German region.
This talk will give an overview of what is (still) possible, even for smaller companies that don't own half of the internet, and what we as consumers should be aware of.

Mathias Conradt, a Hamburg native, has 20+ years of professional experience in software engineering and business process management, thereof 7+ years in Hong Kong and China. Prior to his current obligations, he has served as managing director for a boutique software development company in Hamburg and Hong Kong for over 15 years, as well as data privacy officer at the privacy-focused open source company Nextcloud. His current focus is on identity and access management where he's in charge of growing the market for Auth0 in the DACH region.