< Cybersecurity Across Cultures/>
THREAT 2025 is a collaborative platform where business, government and academia interact to build a secure, digitally-enabled society.
< conference_co_chairs />
Kaleem is the head of the Computer Emergency Response Team of Mauritius (CERT-MU) and is an active member of many related international organisations. MU is a national CERT of Mauritius operating under the Ministry of Information Technology, Communication and Innovation, Republic of Mauritius.
Kaleem is actively involved in cyber norms implementation at the national level. He spearheads the national and regional cyber capacity building through the ITU Centre of Excellence. He also drives the cyber policy implementation and coordinates the cyber incident management for the national CERT in collaboration with regional and international partners.
Dr. Sheeba Armoogum is an Associate Professor in the Department of Information & Communication Technologies at the University of Mauritius.
Previously serving as the Head of the Department of ICT, she currently leads the CyberSecurity & Forensics Research Group at the University of Mauritius.
Dr. Armoogam is a research fellow at INTI International University in Malaysia, Visiting Faculty in South Africa. Additionally, she was the Interim Chairperson for the Industry Committee on ICT at the Southern African Federation & Engineering Organisation and Executive Board Member of the International Cyber Security & Investigation Committee ICSIC. Dr. Sheeba plays an active role in various international committees, such as the Africa Region to International Cyber Security Steering Committee and the International Cybersecurity Challenge Steering Committee, where she represents Southern Africa as Deputy Secretariate for both committees.
< conference_editorial_board />
Mauritius
South Africa
South Africa
Mauritius
United States
Mauritius
Mauritius
Malaysia
Mauritius
India
South Africa
South Africa
< conference_venue />
THREAT 2025 explores how cultural and societal contexts shape cybersecurity, focusing on the importance of cross-cultural understanding when building secure, digitally enabled societies. It provides a platform for government representatives, business leaders, and researchers to examine how language, values, and social norms influence both the perception and practice of cybersecurity. The conference emphasises the strategic role of cybersecurity as a safeguard for economic development and as a catalyst for trust and innovation in diverse cultural settings. By broadening the scope of digital transformation beyond purely technical boundaries, THREAT 2025 highlights the interplay between emerging technologies, cybersecurity, digital public infrastructure, and cultural frameworks. It advocates a triple helix approach—bringing together industry, policy-makers, and academia—to foster inclusive dialogue and cooperative solutions. THREAT 2025 will equip participants with insights to navigating the cultural complexities of global digital transformation, exploring how cybersecurity practices can be harmonized across societies while respecting local realities. THREAT 2025 thus becomes a pivotal event for reshaping international dialogues and equipping leaders with the tools to secure a more resilient and culturally attuned digital future.
National and regional case studies of culturally contextualised cybersecurity frameworks
Participants will explore key Windows system artifacts such as event logs, registry hives, and file system metadata that reveal attacker behavior. The session highlights how these artifacts fit into the incident response process and map to specific attack techniques.
Learn to rapidly collect and parse logs and forensic data using KAPE (Kroll Artifact Parser and Extractor) and EvtxEcmd. The session emphasizes targeted evidence collection and validation to support efficient analysis.
Participants will perform structured log analysis using Timeline Explorer, applying the PANICS framework to interpret events, correlate activity, and build an investigative narrative from the collected data.
This session introduces Hayabusa, a fast and powerful event log analysis tool that helps detect suspicious activity using Sigma rules. Participants will practice mapping findings to attacker TTPs and use PANICS to contextualize alerts.
Participants will transition to analyzing logs at scale using Wazuh, an open-source SIEM platform. The session focuses on detection correlation, alert interpretation, and mapping observed behaviors to MITRE ATT&CK TTPs through guided investigations.
Practical, all-participant session with facilitators guiding the creation of context aware tools and messaging
Accepted papers will be presented via round-table discussions in the relevant sessions.
< conference_speakers />
chair for the International Federation of Information Processing Working Group on ICT in Peace and War, and the co-Editor-in-Chief of the International Journal of Cyber Warfare and Terrorism.
< conference_fees />
< conference_partners_and_sponsors />
< conference_contact />