Event Calender

WiCyS Windsor 2019-2020 Tentative Schedule

**** All workshops and event are subjected to change as per our Cyber Lancers recommendation and interest

Fall 2019

**** Notice that Fun/Social Gathering and Learning Series are to be chosen by Cyber Lancers****

3 Workshops

4 Cybersecurity Breakfast Talk

2 Learning Series

**** For Event Timings and Location click on the registration button ****

September 6th Fun/Social GatheringDiscussion (Social, Cyber Bingo)
September 14thLearning SeriesHow to Start a Career in Cybersecurity by Dr. Sherif Saad
September 20thFun/Social GatheringMovie Night
September 27thCybersecurity Breakfast TalkElaheh Samani, Senior Security Researcher at Symantec
October 4thLearning SeriesInternet Privacy 101 by Ikjot Saini, PhD Candidate
October 11thCybersecurity Breakfast TalkMasarah Paquet-Clouston, security researcher at GoSecure
October 18thCybersecurity Breakfast TalkMert D. Pesé, Intern at Harman International
November 1stWorkshopFirewalls/IDS
November 15thWorkshopVPN
November 29thCybersecurity Breakfast TalkAndrea Stapley, Assistant VP of the Globally Security Operations, Sun Life Financial
December 8thFun/Social GatheringChosen from member voting

Keynotes and Workshops Individual Biography

Date: Sep 27, Friday, 2019
Title: OAUTH2 for mobile apps, what could go wrong? 
Abstract: OAuth is a popular authorization schema used by many iOS and Android apps to delegate user authentication and authorization to a known third-party entity such as Google, Facebook or LinkedIn. When users grant an app to access their Gmail account or GDrive, they normally only expect limited access. But there are several functionalities one can do with the access even when the user is not using the app, which often comes as a surprise to the user. It is mostly because users are not aware of the amount of data that an application can access while they are offline, as well as the consequences of sharing that data with the application. Depending on the requested permissions and access type, an app can essentially keep the user authenticated forever and access their protected resources such as Gmail, Gdrive, or Calendar. With no built-in security in OAuth, it is mostly the app developer’s responsibility to prevent unauthorized access or authorization misuse by adding state-based parameters to requests, validating access tokens before making API calls, revoking access tokens, etc.

Fun Activities/Social Gathering

Debate Competition
Essay Competition
Movie Night
Discussion (academic/casual)

Learning Series

Password Security
Data: Breaches, Security, privacy and control
Scams: online, emails, and etc.
Mobile: protection, privacy, and security
Online Security: Identity thefts, and social media

Winter 2020