Blog

ISACA One-Day Workshop on 23 March 2024 (Saturday)

Map Unavailable

Date/Time
Date(s) - 23/03/2024
9:00 am - 5:00 pm

Categories


Topic:  The Art of Adversarial Artificial Intelligence: Unleashing Power, Unveiling Vulnerabilities

Speakers:

Ms. Karen Liang, OSEP, OSCP, CISSP, CISA
Cybersecurity Manager, PwC Mainland China and Hong Kong

Mr. Amos Chan, OSCE, OSCP, CISSP, CISA
Manager, PwC Mainland China and Hong Kong

——————————————————————————————————————————————

Topic The Art of Adversarial Artificial Intelligence: Unleashing Power, Unveiling Vulnerabilities
Speakers

Karen possesses over 7 years of in-depth experiences in offensive security regarding technical red teaming exercises, malware attack simulation, penetration testing, IT risk and governance services for a wide range of industries in Hong Kong and across Asian Pacific including conglomerate, retail, financial services, public utility, critical infrastructure, property development, gambling and entertainment, automotives, luxury goods and information technology.

With understanding of continuously refreshing cybersecurity trends, Karen keeps refreshing the adversarial tactics, techniques and procedures (“TTPs”) in the key areas of expertise include red teaming, attack surface management, network penetration test, cyber attack simulation, web/mobile application penetration test, threat and vulnerability assessment, and infrastructure security reviews.

Karen is also the member of ISACA CNHK – SheLeadsTech Committee and speaker of the SheLeadsTech program.

 

Amos has over 7 years of experience in offensive security, red teaming, IT risk and governance services and security-related services, focused on banking and other financial service sectors.

With in-depth understanding of cyber security requirements from financial regulators in Hong Kong, Macau, Singapore (e.g., Hong Kong Monetary Authority (“HKMA”), Securities and Futures Commission (“SFC”), Autoridade Monetária de Macau (“AMCM”)), Amos is specialised in penetration testing for E-banking systems, intelligence-led of cyber attacker simulation testing (“iCAST”) and security assessment on the innovation utilization for financial institutions, and assist them in fulfilling regulatory compliance requirements with continuously enhanced security posture.

Amos also leads Capture the flag (CTF) competitions with designing hands-on offensive security labs for participants.

 
Synopsis The goal of this workshop is to provide cybersecurity knowledge and skills for the students regarding Artificial Intelligence (”AI”) as an adversary. The instructor will focus on 2 areas on the adversarial attacks related to AI, i) Unleashing Power of AI to assist in hacking and adversarial attacks; ii) Unveiling Vulnerabilities of AI by hacking the AI systems and examining the potential associated risks and vulnerabilities. The instructor will lead students to participate in group discussions, hands-on lab exercise in adversarial attacks and presentation, so that students can develop adversarial attacks skills related to AI.

 

Workshop Learning Outcome

After completing the workshop, the participants will

  • Understand the fundamental concept of adversarial attacks on and with AI;
  • Acquire the skills to utilize AI for advanced and innovated adversarial attacks;
  • Gain the hands-on experience as pentester/hacker with the help of AI;
  • Understand the potential cyber risk and security vulnerabilities of AI systems;
  • Acquire the hands-on experience to hack AI systems in multiple scenarios.

 

Workshop Outline

I. Adversarial Artificial Intelligence: Unleashing Power

  • Trends of utilizing AI for adversarial attacks
  • Common attack scenarios and applicable attack cases by AI
    • AI-enabled Social Engineering – Exploring how AI technologies can be leveraged for social engineering attacks
    • AI-powered Hacking tool development – Exploring how AI technologies are being used to develop malicious software
    • AI in Cyber Threat Intelligence: Exploring the use of AI in cyber threat intelligence, in the areas of analysing and detecting patterns in large-scale security data
  • Privacy and Ethical Considerations in AI Hacking

 

II. Adversarial Artificial Intelligence: Unveiling Vulnerabilities

  • Introduction of common attack types on AI
  • OWASP AI Top 10 Security Risk – common security risks and vulnerabilities of AI systems
  • Securing AI Systems – Discussing best practices and strategies for securing AI systems against hacking attempts, including topics such as secure model training, robustness testing, and adversarial defense mechanisms
  • Discussion of Future Trends in Hacking AI Systems

 

III. Practical Exercises in Adversarial Artificial Intelligence

i. Unleashing Power

  • How to use AI for hacking – demonstration of common attack scenarios and applicable attack cases by AI
  • Hands-on lab exercises for students (e.g., malicious software development to facilitate penetration testing, social engineering attacks development, etc)
  • Presentation of the exercise results

 

ii. Unveiling Vulnerabilities

  • How to hack AI systems – demonstration of common AI attacks
  • Hands-on lab exercises for students (e.g., attacks on AI systems, Prompt injection attacks, etc)
  • Presentation of the exercise results
  • Wrap up: Holistic attack path for AI hacking – MITRE ATLAS (Adversarial Threat Landscape for Artificial-Intelligence Systems)

 
Target Audience Offensive security professional or offensive security-curious and want to have more insights for Adversarial Artificial Intelligence
Prerequisites Students need to have a basic understanding of AI, information system, offensive security, vulnerability assessment, penetration testing and risk methodologies. This workshop covers many of the core areas of offensive security and AI and assumes a basic understanding of technology, system, and security.
Speaker Contact Info Karen Liang – Linkedin

Amos Chan – Linkedin
Workshop Lab Preparation (optional) Prior to the workshop, each participant needs to get ready a laptop computer with Internet access.
Date 23 March 2024 (Saturday)
Time 9:00 am – 5:00 pm
Venue Room 401, 4/F, Pico Tower, 66 Gloucester Road, Wan Chai, HK

Map: Click Here
Fees
Early Bird

 

Deadline On or Before Wednesday 13 March 2024

 Regular

 

Deadline On Tuesday 19 March 2024
ISACA China Hong Kong Chapter Member HK$2,500 HK$2,700
Member of Other ISACA Chapters/ HKACFE/ CPA Canada/ HKCS/ HKICPA/ IIA HK/ ASIS HK HK$2,900 HK$3,100
Non-Member HK$3,500 HK$3,700
Language Conducted in English
CPE Hour 8 CPE Hours
Deadline [Early Bird]:     13 March 2024 (Wednesday)

[Regular]:        19 March 2024 (Tuesday)
Registration Register Here
Remarks
  1. The workshop will be rescheduled if registrant number is less than 10.
  2. There is no refund once payment is made except the course is cancelled.
  3. Please keep the certificate as a CPE proof.
Enquiries Please contact our Administrative Team at (+852) 2528 3772 or email to events@isaca.org.hk