Spotlight: University of Calgary Information Security Club

[Music]

[Music] um to start off um we are a student-led club at the university of calgary we are an su-registered club um of just a group of like-minded students who are interested in information security is a broad topic and we will go on to more of what we do so to start out we'll introduce ourselves my name is alexander tenney i'm a computer science and political science dual major at the university of calgary um and i've previously come off of a 16-month internship so i'm just getting back into it and i'm ejaz i'm the vp operations for the club i'm a combined degree student in computer science and mathematics and i am four months in or five months into my

internship um i forgot to say i am the president of the club um and i am a founder of the club so i was here when it began um so just a little bit about our club we are um on the executive team we are comprised of nine full executives five directors and seven junior executives we just onboarded those junior executives so we are quite a large group of really motivated individuals who are willing to put the work in on top of our school hours to make this club run our club is mostly made up of undergraduate students the majority of them are computer science just because we started it in computer science and that's where it's

written in but we're starting to gain a lot of momentum within the engineering group which is a logical jump um but also we have a ton of other uh degrees involved in it i'm also in political science so i try and push that political science aspect but we've also been found out by a ton of high school kids within calgary grad students industry professionals and i also believe there's quite a few other universities that pop in onto our workshops and our meetings our membership currently is about 16 paying members with 100 unique undergrads who have attended workshops um we don't include attendance for those who are in high school industry professionals or other universities all

the time just because it's not something we need to do we don't need to collect that on those people so we try not to um so that's basically an unknown um in terms of community just people that are joining in talking to us hanging out interested in what we're doing we have a discord server with over 700 accounts on who is active and who isn't varies but we do have quite a large group of people on that discord so our club mission statement so the mission of our club is to expose and educate university students the technical and theoretical skills in the field of cyber security and to connect these students with industry professionals basically how our club

started out is we wanted to learn all these principles but we had no one to teach us so we decided to teach it ourselves and it just went on from there um so the reason that the club was founded and why we exist at all and just like the bread and butter of our club is workshops i really wanted to learn what working in cyber security and what doing cyber security was and there was no one to teach me um so i decided me and the other founders decided we would teach other people we would provide that service that we wanted um so we stream workshops streaming because of comed um every monday six to eight pm barring

holidays um those workshops are meant to teach uh technical cyber security skills they are largely rooted in the idea of ctfs just because that's how i learned cyber security but we're moving forward into more pen testing and blue teaming type topics as we learn more and have more knowledge to start teaching those things in the fall semesters so right now we run two streams a beginner in advanced advanced means experienced it just means not beginner that's the huge disclaimer on that um it just means it's not our beginner curriculum this allows for people to uh join in on our club even if they don't previously have a lot of knowledge and it is a really good introduction into cyber

security we try and make these workshops as hands-on as possible as students no one really wants to sit through another two-hour lecture especially because we sit through lectures all day all week also i don't think i'm qualified to lecture i don't know enough to do that so we wanted it to be hands-on and doing stuff if i can learn by doing it it's fun if i have to sit there and just listen to people talk it's maybe not as fun um and we really wanted to encourage a community where we helped people when they got stuck there are times when you're not super experienced and when you're super beginner and you have this imposter syndrome of i don't belong here

where the moment you get stuck you're going to give up and you're not going to move forward and we really want to try and help people push past that so we try and encourage our community to help people as they get stuck if you get stuck during a workshop all you need to do is message in the chat or message in our discord and we will get an executive to go sit with you and figure out what you don't understand and get you back on track um so we wanted to be really friendly to everyone who would be joining our workshops um this is just a little video it's eight seconds the sped up video of an

ex-executive james lowser i'm running through a forensics workshop he's looking at a spectrogram and just showing the different information that you can get from those and different files so that's just a taster of one of our beginner series workshops again it's very rude in ctfs so if you're someone who's very interested in ctfs they'll be familiar so another big part of what we do is our speaker series this is initiative we started last year and are continuing this year this is also really a great uh opportunity for people who don't have much technical knowledge or technical um experience or interest because we try to uh incorporate a lot of different areas within cyber security into these talks

so for example our first talk we just which we just had last year well look sorry just last week we had chris shepherd who has his own oscp and is an ethical ethical hacker with ibm he came and talked to us about open source intelligence gathering he walked us through a present uh attack he and his team did on an executive company with their permission of course and it was really scary but also interesting to learn how just the very very small information you put online can just have drastic consequences coming up in about a month on november 15th we have ruth promislow she is a partner with bennett jones in their toronto office and has a lot of experience with data

protection privacy and cyber security and and she and breach response and relate related litigation she will be coming to speak to us about cyber law if that's a topic that interests you make sure you come out to see that then starting the new year starting off the new year we have dr jason giscolca he is an assistant professor in the department of systems and computer engineering at uh carleton university uh and he will be talking to us about ai topics so a lot of multi-agent systems so that's something that interests you that's that may be a talk for you and our fifth speaker technically we're still working to confirm our fourth speaker but our fifth speaker to end off the year

will be dr dima alhadity she is an assistant professor at windsor she was recently recognized one of canada's top women in cyber security that's a big achievement and she will be presenting to us on security behind cloud and health data so these speaker series are exclusive premium members of our club if you want to become a premium member and attend these talks all you have to do is transfer send an e-transfer of ten dollars to infosec.calgary gmail.com and in that in in that just include your name email and discord username if you have one and do it make sure to include your four-digit discord identifier premium members also get full voting rights in our club if they attend half of our

meetings and are a student of the university of calgary and also get early access to register for magpie ctf which you will see coming up soon so if being a speaker is something that could possibly interest you just send an email over to infosec.calgary gmail.com and one of us will get back to you um so i alluded to this earlier but one of the other major things our club does is something called magpies dtf this is now an annual ideally cyber security competition a ctf we started last year if you're not familiar with what a ctf is b-sides is running one right now that you should check out but um it's called a capture the flag competition and it's basically

a cyber security competition where you try and attack vulnerable programs files or websites and find a little piece of information called the flag inside of it it's a unique string um and it just proves essentially that you could attack the system the way it was meant to be attacked um in magpie magpie ctf this year 2022 not 2021 is happening february 25th to february 27th it is categories of web exploitation cryptography forensics reverse engineering binary exploitation open source intelligence and a miscellaneous category if you are a student in canada there is a possibility for you to win cash prizes and then everyone has the possibility to win subscriptions swags etc this year our two major sponsors are

cisco systems and tech resources so thank you to those too um if you want more information you can go to magpi.ca um for our landing page um i don't know if we've mentioned this but last year was 80s theme and this year is heist theme so it's made by heist um so that is all for our presentation that is a brief overview of all of the things that we do um but we're always interested in talking to different industry professionals people interested in our club students that are just from other universities or at the university of calgary that didn't know we existed we're always interested in talking to everyone the main place to do that would be our

discord that is where we do most of the communication to the members of our club and just talk with people talk about different ctfs sometimes we hang out in the voice channels on fridays and saturdays sometimes we'll do ctfs in there that people can join in on so you can either scan the qr code or follow the discord invite link there is a bot that will make you accept the rules in the hashtag rules channel please do that or else you will not get access to the majority of the channels and you won't be able to see what we're doing um other than that we have our website at infosec caligari.ca that has our schedule our speakers a

little bit about us it even has a resource section of things that we think are important to get into cyber security um so you can go visit there if you want to figure out more about what we're doing um if you have any questions or any proposals or anything that you want to talk to us about you can always email us at infosec.ucalgary gmail.com and finally we're on social media for facebook twitter and instagram at infosec ucalgary um so if you have any questions about our club i'm happy to answer them um but that is all we really have for you uh we're super excited to be here we love besides and uh yeah i'm just happy to talk with

people