The first day of the NULLCON International Security Conference 2020 here in Goa, India (5 – 6 March), saw many young security enthusiasts, consultants, solution providers, speakers, and business leaders. Welcoming the delegates, Antriksh Shah, co-founder of NULLCON said they received 2,500 registrations for the event, but there were many cancellations due to the Coronavirus pandemic. But as they say, the show must go on. “The content of the conference will not be diluted,” said Shah. There were many international speakers and security researchers who attended, notwithstanding the travel advisories issued by their respective countries. The organizers took adequate measures to ensure the safety of the delegates, handing out face masks, hand sanitizers and providing medical facilities. The conference, now in its eleventh year, has become one of the biggest cybersecurity conferences in Asia. It is a big draw for students who aspire to make a career in cybersecurity.
By Brian Pereira, Principal Editor, CISO MAG
The chief guest was Satish Chandra Jha, Chairman of India’s NTRO (National Technical Research Organization). In his opening speech, Jha said, “India has a large IT footprint in the Internet domain. India has about 500 mn Internet users and over 1.5 bn IoT devices. All this fuels economic growth and creates new commercial opportunities. It also presents a challenge of securing cyberspace. Cybersecurity and some of the recent attacks like Stuxnet are serious. Cyberthreat vectors are becoming sophisticated and targeting infrastructure that supports essential services like Power & Energy, Banking & Finance, Transport, Information, and Telecommunications. And if these systems are impacted it will paralyze the nation. These sophisticated attacks outpaces our response.”
Jha said there is little coordination among nations to contain these sophisticated attacks. He cited industry data points to quantify the impact of the attacks and the opportunities for startups and cybersecurity professionals.
“Organizations are spending US$120 billion annually on cyber initiatives. Of this, India is expected to spend US$25 bn. This presents a great opportunity for young cybersecurity professionals, startups, and micro, small and medium enterprises to showcase their expertise,” said Jha.
Global estimates indicate the loss due to cyber incidents is around US$5 – 6 trillion, annually. This does not include loss due to disruption of business impact on the reputation of the company.
“We have a collective responsibility to ensure that the attacks do not impact Digital India initiatives or impede our efforts to be a US$5 trillion economy by 2025,” said Jha.
The conference had two days of research talks, workshops, panel discussions, dedicated tracks (StartVille, macOS/iOS), hacker talks, CTFs (Capture The Flag), and specially designated sessions like Resume Clinic, Red Team Village, and Soldering Village. In addition, there was an exhibition area (titled AMMO) showcasing the latest security tools.
Lots of students and youngsters could be seen participating in CTFs like SCADA CTF (a live demo of attacks against PLCs (programmable logic controllers) and RTUs (remote telemetry units). These are hacking competitions with team participation.
CISO MAG asked Siddhartha Malladi, a second-year undergraduate student why he was participating in the Hardware CTF and what brings him to NULLCON every year.
“This is the second time I am attending NULLCON. I am amazed at all the talks especially those given by the international speakers. This year I am playing in the Hardware CTF since I have a background in electronics and communications engineering. We are team of six students and have come here to meet like-minded people and build our network. Right now, our team is in the seventh position in this competition. We are keen to attend the StartVille (startup track) but we have to be here to participate in the competition,” said an elated Malladi.
The CXO track had some engaging panel discussions with the participation of CXOs from organizations like Bharti Airtel, Adani Group, OLAM International, PayPal, E&Y, NTRO and others.
Speaking to CISO MAG on the sidelines of the event, Venkatesh Subramaniam, Global CISO, OLAM Information Services Pvt. Ltd, said, “I am here in the capacity of a speaker. But I come to NULLCON to network with my peers. It’s also for the technical learning. Events like NULLCON give me an opportunity to understand what my peers are doing and what is happening in their organizations. The platform enables a good informal exchange of information. We discuss each other’s pain points. And we also get an update on where the industry is heading.”
In conclusion, we must mention that NULLCON is an event not to be missed if you are a cybersecurity professional or want to make a career in cybersecurity. There are also recruitment and internship opportunities as the participating startup companies use this event to source talent. There are exciting hacking competitions and bug bounty programs to pursue as well.
It was well worth the three days we spent here, with plenty of networking opportunities and a lot of learning.
Brian Pereira was hosted by NULLCON in Goa for this conference.