Almerindo a.k.a Al co-founded and now leads Silensec. He is also the co-chair at the European Cyber Security Organisation (ECSO) of SWG 5.1 and 5.2 on cyber ranges, technical exercises and cyber security skills development.
Al was the founder and course director of the MSc in Information Systems Security programme at Sheffield Hallam University, a first of its kind in the UK, and in collaboration with the British Standard Institution (BSI).
Al has personally authored a number of training courses from ethical hacking to intrusion detection, along with the first ever ISO27001 Lead Implementer certification course offered by BSI worldwide. Al’s areas of expertise include: standards compliance (e.g. ISO27001, ISO22301, PCI DSS), IT infrastructure protection, design of SIEM and Log Management systems and development of cyber threat intelligence capabilities.
Al has consulted in information security for private and government organizations across Europe, Africa and the Middle East. He also works as a cyber security expert for UN’s International Telecommunication Union (ITU) and regularly delivers cyberdrills and other capability development exercises and workshops for national CERTs and governments around the world.
He holds an MSc in Electronic Engineering and a PhD in mobile computer security from “Federico II” University of Naples.
Speech Topic & Synopses
Traditional security training, even in the more hands-on formats, is seldom experiential and it fails to assess real skills and the ability of people to perform under pressure and to deal with real security challenges to support organizational cyber resilience.
This technical session will show how cyber security aware organizations in the MENA region can use the next-generation CYBER RANGES platform with attack simulation capabilities to test the abilities of security staff to respond to a range of security incidents without impacting on operational environments.
Until today, such possibilities have been confined to the realm of military operations, Involving large investments in simulation infrastructures and extended periods of planning and preparation. This technical session will address the following:
- How to assess security skills and cyber resilience
- Understanding the difference between Breach-and-Attack Simulation and next-Generation CYBER RANGES with attack simulation scenarios
- Integrating testing of organizational cyber resilience and continuous skills development and assessment into security governance.