Charl van der Walt

head of security research, Orange Cyberdefense

Charl van der Walt is the original founder of SensePost, a pen testing company in South Africa and in the UK, where he still sits on the board. He has acted in various roles there, including CEO for about five years. After SensePost was sold to SecureData, he took a diverse role within the group that includes leading its research unit, directing security strategy and leading the "Security Intelligence Unit", which (among other things) runs a significant managed SIEM and threat hunting (MDR) operation. He has spoken on a variety of occasions over the duration of his career, including at Black Hat, HITB, Defcon, NATA CCDCOE, BSides and 44Con.

Charl van der Walt will be speaking on the following topics:

Keynote The impact of Covid 19 on cybersecurity

  • How has the threat landscape changed since the crisis started? What type of threats are on the increase?
  • How have organisations responded? What new response measures have been implemented? What lessons have been learned?
  • To what extent are organisations’ remote working infrastructures and endpoints protected? What risks do companies need to be aware of?
  • How have companies educated their remote workers/implemented awareness campaigns?
  • What lessons about cybersecurity can be learned from the virus itself?

Virtually private networks (are they virtually good enough?)

Enterprise businesses equip staff with mobile devices such as laptops and smartphones to perform daily tasks. This makes the workforce much more mobile but places an implicit burden on the staff to ensure they are always online. Security is handled by the underlying operating system and supporting solutions, for example, a virtual private network (VPN). Commercial VPN technology has been around since at least 1996 when Microsoft created the Peer to Peer Tunnelling Protocol (PPTP). OpenVPN and similar open source VPN technologies have advanced this tech from highly specialised to near commodity.

However, enterprise VPN solutions can be complicated and nuanced. One case involves remote workers that connect to complimentary Internet hotspots typically offered by coffee shops, airports, hotels, etc. Hotspots are WiFi access points that offer free Internet bandwidth. Most hotspots today feature a captive portal that require either a password, voucher code, or some form of consent that involves agreeing to terms of use. A robust VPN implementation should not allow a user to interact with a network resource that bypasses the VPN tunnel. What then happens in the time between connecting to the WiFi hotspot and activating the VPN? How vulnerable is the user during this time? Surely the WiFi hotspot securely isolates guests and surely the local firewall on the laptop will protect the user from any attacker, but does this assumption hold even if the hotspot is fully under the control of an attacker?

In this presentation, we will reveal research we conducted into the efficacy of modern commercial and open source VPN solutions in the face of modern mobile worker use cases, typical endpoint technologies and contemporary threat models. In short: VPNs – are they enough?

Diamond Sponsor

Platinum Sponsors

Gold Sponsors

Silver Sponsors

Bronze Sponsor

Display Sponsors

Endorsed by