Dubai, UAE, September 16, 2015 -- /EPR NETWORK/ -- With news of a vulnerability in the WhatsApp web extension that could allow hackers to takeover users' computers using just their phone number and a spate of “DarkHotel” targeted attacks using compromised Wi-Fi networks to hack devices of visiting hotel guests; “…the risks posed by mobile threats are rising and there is still a shortage of trained InfoSec teams to deal with the challenge” says Raul Siles, a highly respected security researcher and one of the few individuals worldwide to earn the GIAC Security Expert (GSE) designation. “Deploying a MDM system is a good first step but it’s not an ‘install and forget’ situation as the environment is much more complicated than say Windows, OS X or Linux and the threats are evolving fast.”
Ahead of the upcoming SANS Gulf Region 2015 in Dubai this October, Siles who will be running the "SEC575: Mobile Device Security and Ethical Hacking" course suggests that organisations need to address several key areas to better cope with the threat posed by mobile devices, “High profile vulnerabilities, that might even combine both the traditional and mobile computing worlds like the recent WhatsApp issue, can serve to highlight what is often an underappreciated threat especially as many of these devices and apps move between the private and work life. This duality of roles forces organisations to think in new ways to enforce management and security policies on devices that are not necessarily owned by the organisation.”
As mobile devices start to overtake desktop PC’s, Siles suggests that organisations need to take a closer look at the skill sets of InfoSec professionals charged with protecting environments, “Security training budgets need to reflect the realities of the modern organisation that is increasingly dependent on mobile devices.”
"SANS SEC575: Mobile Device Security and Ethical Hacking" is a 6 day intensive hands-on course that teaches attendees how to capture and evaluate mobile device network activity, analyse strength and weaknesses on each mobile platform, disassemble and analyse mobile code, recognise weaknesses in common or custom mobile applications, and conduct full-scale mobile penetration tests.
As the Gulf Region's largest Information Security training event, SANS will be offering six vital courses all with an associated GIAC certification covering areas such as pen testing, mobile, web apps, hacker tools and the popular SEC401: Security Bootcamp course.
About SANS Institute
The SANS Institute was established in 1989 as a cooperative research and education organization. SANS is the most trusted and, by far, the largest provider of cyber security training and certification to professionals at governments and commercial institutions world-wide. Renowned SANS instructors teach over 50 different courses at more than 200 live cyber security training events as well as online. GIAC, an affiliate of the SANS Institute, validates employee qualifications via 27 hands-on, technical certifications in information security. The SANS Technology Institute, a regionally accredited independent subsidiary, offers master's degrees in cyber security. SANS offers a myriad of free resources to the InfoSec community including consensus projects, research reports, and newsletters; it also operates the Internet's early warning system--the Internet Storm Center. At the heart of SANS are the many security practitioners, representing varied global organizations from corporations to universities, working together to help the entire information security community. (www.SANS.org)
Contact-Details: Colin Saldanha
PR Consultant
PROCRE8
Dubai - UAE
GSM: +971 (50) 6400762
Email: colin@procre8.biz