SIGS Technology Conference – Security Day Speakers 2017

All presentations are held in English

 

Key Notes

CERN, Stefan Lüders, Head of Computer Security
Stefan Lüders, PhD, graduated from the Swiss Federal Institute of Technology in Zurich and joined CERN in 2002. Since 2009, he is heading the CERN Computer Security Incident Response Team as CERN’s Computer Security Officer with the mandate to coordinate all aspects of CERN’s computer security — office computing security, computer centre security, GRID computing security and control system security — whilst taking into account CERN’s operational needs.
Dr. Lüders has presented on computer security and control system cyber-security topics at many different occasions to international bodies, governments, and companies, and published several articles.

Security in an Academic Environment: The Balance between Academic Freedom, Operations & Computer Security
Like any other entity, the European Organization for Nuclear Research (CERN) is daily targeted by the malicious cyber-evil. Protection is difficult as CERN staff and users value high their academic freedom important to prosper and for pursuing their research. Hence, any cyber-security approach needs to find the appropriate balance between this academic freedom, the operation of accelerators & physics experiments, and the protection of all digital assets.
This presentation will outline such an approach, discuss attack scenarios and problems, and present CERN’s solution for countering cyber-attacks.

Cisco, Story Tweedie-Yates, Head of Security Business Unit – EMEAR
Story is a Product Manager for the Cisco Security portfolio in the Security Business Group. In her role, she is responsible for introducing customers to Cisco’s large portfolio of security offerings, applying these offerings to verticals, market segments and the local relevant EMEAR context. She serves as a Subject Matter Expert and thought leader on Cisco Security, creating content and presentations about how Security enables digitization and innovation. Recently she has served as the Product lead for Cisco Web Security, bringing new Cloud and CASB capabilities to market for Cisco customers while pioneering a popular webinar series.

Story is a Stanford graduate with a BS in Psychology. She also has an MBA from Thunderbird School of Global Management, speaks fluent Spanish and has done business in over 40 countries. In her time off, you will find her on a bike riding around Amsterdam or exploring underwater treasures with a scuba mask alongside her husband.

The frontiers of cybersecurity; how to prepare
In this presentation, you will see a case study around preparing for the cybersecurity issues of tomorrow. We will get specific about research currently underway in the realm of supply chain security, lightweight security and cryptography for IoT environments as well as quantum resistant cryptography.
We will expand the conversation to the practicalities of executing and nurturing futuristic ideas, discussing best practices for working across government and academia. The presentation should provide some new ideas to the audience to help inform their own future cybersecurity initiatives.

IBM Resilient, Ted Julian, VP Product Management & Co-Founder
Ted is a well-known, highly regarded figure in the security and compliance markets. Over the last 12 years, he has conceived and launched multiple successful security start-ups across software, hardware, and professional services. He served as the founding VP of Marketing at Application Security, the leading provider of database security solutions. Prior to Application Security, Ted was a company founder and Chief Strategist (functionally the VP of Marketing) at Arbor Networks (acquired by Danaher), a leading network security firm whose technology protects the backbone networks of virtually every provider around the globe. Prior to Arbor, Julian was a company founder and VP of Marketing at @stake, the premier digital security consulting firm (acquired by Symantec). He got his start in high tech as an industry analyst at International Data Corporation (IDC) and Forrester Research.

Julian is a sought-after industry expert who has appeared on CNN and ABC News as well as in the Wall Street Journal and USA Today. He is proud to have been named “Geek of the Week” by The Boston Globe and to be a guest lecturer at Cornell University’s Johnson School. Ted serves on the board of his town’s recreation department and is an avid runner. He holds a Bachelor of Science degree from Cornell University.

The Role of Orchestration in Incident Response
Faced with an avalanche of alerts, insufficient staffing, and a bewildering regulatory environment it’s no wonder that most companies struggle to respond effectively to cyberattacks. Successfully resolving attacks requires fast, intelligent, and decisive action – organisations need to have an orchestrated plan in place before an attack occurs. The best organisations leverage an orchestrated response capability to achieve cyber resilience.

In this keynote, IBM Resilient’s Ted Julian, Co-Founder and VP of Product Management will explore the latest incident response methodology and technology. Can automation really save the day? Or are the naysayers correct that the automation cure is worse than the disease itself? From instant escalation, to automatic enrichment, to guided mitigation, Ted will explore the latest incident response techniques and share what works and what doesn’t.

University of Toronto, Allan Stojanovic, Information Security Architect
Allan Stojanovic has survived IT for over 20 years. He has worked in nearly every vertical doing may different roles, mostly in the Information Security field. A jack of all trades, he tries to know a little bit about everything, and is a self proclaimed expert at nothing. The University of Toronto has been kind enough to employ him for the last 6 years.

You can find a first impression at YouTube

Tactical Defence: Principles and Observations
Have you ever had to justify a firewall? What do you do when you don’t have one? Over the past six years we have been exploring non-traditional tools, and through them defining security principles to help defend our large open network. These principles have helped us focus our efforts, educate our population, and even guide some of our purchasing decisions.

In this presentation, I will talk about some of these principles, the observations that lead us to them, and the some of the outcomes of trying to implement them. Spoiler alert: They work very very well, even along side traditional security thinking.

Zscaler, Bil Harmer, Strategist, Office of the CISO
Harmer has been in the IT industry for 30 years. He has been at the forefront of the Internet since 1995 and his work in security began in 1998. He has led security for startups, Government and well established Financial Institutions. In 2007 he pioneered the use of the SAS70 coupled with ISO to create a trusted security audit methodology used by the SaaS industry until the introduction of the SOC2.

He has presented on Security and Privacy in Canada, Europe and the US at conferences such as RSA, ISSA, GrrCon and the Cloud Security Alliance. He has been interviewed by and has written for various publications such as Dark Reading, Data Informed, SecureWorld and Security Intelligence. His vision and technical abilities have been used on advisory boards for Adallom, Trust Science, ShieldX, Resolve and Integris. He has served as Chief Security Office for GoodData, VP Security & Global Privacy Officer for the Cloud Division of SAP and now serves as a Strategist for Zscaler where he runs the Office of the CISO for the Americas.

Change is Merely an Act of Survival
This presentation will review the history and development of the corporate network and its interaction with the Internet. How the adoption of SaaS and PaaS base solutions have rendered the network irrelevant from a security perspective. We will explore the developments in malware, how threat actors have taken on a business approach to creation, distribution, and management of their attack campaigns.

We will then take a few steps into the future and explore some possibilities that have the potential to greatly affect corporations and how they protect themselves. Finally we will explore some of the potential strategies that can be started now to lay time ground work to ensure a more secure architecture in the future.

 

Professional & Sponsor Presentations

Acer, Howard Cheung, CIO
Howard has been in the IT industry for 30 years serving companies in the U.S. and Europe. Howard has spent 16 years with Acer Europe as Chief Information Officer and seven years as Software Development Manager with Radiant System/NCR managing international software development for the Retail Industry.

Howard holds Master of Business Information System degree from Georgia State University in Atlanta, Georgia, USA.

Build a secured system from day one with proper architectural planning, governance and change managemente

  • Add focus on security beyond just the infrastructure side. A proper designed and architect software application will add to the confidence of management on security
  • Manage all the interactions and interfaces of all software applications through and “indirect” approach to isolate and identify issues, also ease in development and testing
  • Design / build software system and development process with security in mind from day one, not an afterthought or add on
  • Utilize readily available cloud based tool to facilitate “social” like communication and project management to help enforce governance and change management

Avecto, Dennis Weyel, Senior Technology Consultant
Dennis is a Senior Technology Consultant at Avecto. In his role, Dennis helps global organisations get the most out of their security software, helping them build stronger, better performing security environments. With over 17 years’ experience in the security and software industry, Dennis has a wealth of technical knowledge and insight working closely with CISOs and CIOs.

Social engineering is nothing new! The solution is simple
With the majority of threats originating from email attachments and internet downloads, users pose a huge threat to the organization. Starting with user behaviour, we look at what lessons can be learnt when it comes to security and how to put proactive measures in place that protect your data, even if users are clicking on untrusted links and opening malicious email attachments.

We will take you through a simple, smart approach to security that stops internal and external attacks before it’s too late.

Balabit, Martin Grauel, Pre-Sales Manager EMEA
Martin Grauel is Pre-Sales Manager EMEA at Balabit, a leading provider of contextual security technologies with the mission of preventing data breaches without constraining business. Prior to the current role, he was working as a Pre-Sales Engineer at Balabit for the German, Austrian and Swiss region.
After studying business informatics, Martin has been working in the IT security industry for more than 15 years. Prior to Balabit, he was a consultant for a German information security service provider.

How Context is Key in Preventing Data Breaches
If we want to find out why a breach happened, or assess the damage, we have plenty of time to trawl through logs, look at session recordings, and so on. But if we want to prevent a breach, we have to react with lightning speed.
So what is it that can enable us to react fast enough? In an ideal world computers can make these decisions, but in reality this is usually a combination of some artificial and some human intelligence.

At the end of the day, the critical ingredient for both computers and humans is context. Without it, there is too much data, and too much irrelevant data, to make accurate and rapid decision making possible. In this presentation you will learn how can you use contextual information collected by various security solutions to reduce the chance of data breaches.

BitSight Technologies, Frank Weisel
Frank Weisel works in IT-Security since the early 90s with Companies like McAfee, Trend Micro, Fortinet and now Bitsight. He is well known for establishing new innovative companies in the European market.

Frank has a degree in technical physics and work several years at the TU Munich programming mathematical simulations.

Simplifying vendor risk management through continuous risk monitoring
With this presentation you will learn about the so called “Third Party Cyber Risk”, which is also known as “Supply Chain Cyber Risk” and “Supplier and Customer Cyber Risk”.

We will demonstrate what this concept means, which threats are coming from the “Cyber Risk”, and how organisations can manage and control the “Third Party Cyber Risk” effectively.

Bromium, Jochen Koehler, Regional Director
Jochen Koehler has joined Bromium as Regional Director for DACH (Germany, Austria & Switzerland) in November 2015. Since then he expanded Bromium’s customer base across all verticals and established notable channel relationships that help him accelerate sales for the only Endpoint Protection Solution in the market that does not rely on detection.

Jochen has 20 years of experience in IT- and Information Security focussing on the launch and growth of software and consulting companies in DACH.

Immunity – once and for all
Client devices are the most critical link in your protection chain. Whilst using state-of-the-art security technologies on the perimeter, most enterprises still aim to protect their users with legacy Antivirus on their PCs. The problem is that they all rely on detection thus will only protect you from what they already know is bad – comparable to the human immune system! And what do we do to no longer get sick? Staying home? Getting vaccinated? Wearing a protective suit?

These are all valid options but they obviously have different implications on your daily business – but what if there was a way to immunize your body or system in a way that does not at all affect you and your work? Such as “click on anything” without risk of a compromise? See and listen to an unparalleled approach that has changed the security model of many enterprises already.

Casinos Austria / Austrian Lotteries, Michael Mrak, Head of Departement Compliance
Michael Mrak, born in 1963, started to work for Casinos Austria in the year 1993 as an IT project manager. He was responsible for the design and implementation of the nationwide network of all 12 Casinos in Austria and for the integration of IT systems. He was also responsible for the development and operation of all IT security systems.

In the year 2001 Michael left the IT department and joined the Internal Audit Division as Data Protection and Information Security Officer. In 2001 he also founded the Department Data Privacy of Casinos Austria and the Austrian Lotteries.

Michael joined the Division Public & European Affairs and founded the Department Data Privacy & Anti Money Laundering in 2008. Since 2012 his Department also covers the field of Anti-Corruption and was renamed to Department Compliance.

Michael is a lecturer at the University of Applied Sciences in Graz and he is also well known as a speaker at various national and international seminars about Data Privacy & Security issues, Anti-Corruption awareness programs and Anti Money Laundering methods in the gaming industry. He is also an expert in the field of compliance certification standards.

He is a dedicated member of the Compliance Officer Association Austria, a founding member of the Austrian association of Privacy Officers and also an active member of the International Association of Privacy Professionals and the Association of Certified Anti-Money Laundering Specialists.

Thoughts on the meaningful use of compliance management systems
In his short presentation Michael Mrak will introduce the integrated compliance management system of Casinos Austria & Austrian Lotteries. Everything will be explained from the perspective of a practitioner.

It all starts with the need of finding a definition what compliance means for your organization and what issues have to be covered. In his speech Michael will explain the effect of rules based vs. risks based systems in an organization and how both approaches can benefit from each other. It will also cover the question if compliance can be an innovation driver and how to get over internal resistance if it comes to the implementation of a management system. Michael will also explain the five basic elements of every compliance system and how to find internal allies to implement a working CMS.

Checkmarx, Gunner Winkenwerder, Director of DACH
Mr. Winkenwerder joined Checkmarx in 2015 after spending the previous 25 years in various positions in leading IT/Security companies like HP Enterprise Security, Mercury Interactive and PTC.

Since 2011 he has a dedicated focus on application security solutions. Mr. Winkenwerder holds an M.Sc. in Engineering from Texas Tech University, Lubbock, TX, USA.

SAST is a MUST – Software Security & Early Prevention of Vulnerable Code
Every security conscious technology professional is looking for the quick fix – the one thing they can do to flick the switch from “insecure” to “secure” and certainly there are many organisations out there ready to sell “security in a box” to whomever will pay for it.
But the single biggest bang for your buck and the most effective means of securing software is identifying and fixing vulnerable code as early in the development lifecycle as possible. Ideally this means not writing vulnerable code in the first place, or if does happen, fixing it during the development phase before rectification starts getting expensive.

In our talk, we’ll take you through some of the fundamental principles behind ingraining software security into the development life cycle:

  • Explore the role security education for software developers plays in reducing risks
  • Learn how static and dynamic analysis can be applied throughout the project lifecycle
  • Discuss employing automation to streamline secure coding practices

Cybereason, Richard Cassidy, Director Sales Engineering
Richard has been working in the IT Security arena for over 17 years, having ridden the waves of innovative technology era’s representing start-ups in networking, virtualisation, security, cloud security & compliance; Richard has gained extensive knowledge and experience of the threat landscape, including an innate appreciation of the advanced tools, techniques and procedures in operation today (by bad actor groups and solo campaigners) against businesses of all shapes and sizes, as a result of his direct involvement in Threat Intelligence operations at previous vendor roles. Richard is also a very active information security blogger and writer, having score of publications in national press in both EMEA and the U.S.

Through his experience, Richard worked to help consumers in understanding complex cyber security issues in a relevant and contextual manner, ensuring that lessons can be learned and security practices improved as a result.

Security demands Endurance
Today’s hackers are–and will continue to be–persistent. Even the most sophisticated hacking operations can be compared to a house of cards: find one or just a few components of the hack and, over time, the entire operation can collapse.

The house of cards approach to security requires moving away from the traditional IT mindset that encourages analysts to quickly close incidents. Instead, it calls for an investigative mentality with every incident considered a potential piece of a larger puzzle. In this session, Richard will discuss this new approach to endpoint security that shifts the odds in favor of the defenders.

CyberTrap, Avi Kravitz, Co-Founder & CTO
Avi Kravitz is working as a senior security consultant for SEC Consult and as CTO for CyberTrap. After years of thorough technical and information security related academic background (technical college, bachelor in IT-Security and master in Information Security) he started his career as technical security consultant with focus on penetration testing back in early 2009 after working as IT-Security expert for several years.
Within the following years he switched his focus on espionage related international incident response cases and security management topics, leading his customers through all remediation phases after an identified security breach.
While the vast majority of organizations were dealing with recurring breaches from the same adversaries, he had the idea to lure them into an intelligent trap to let them believe that they succeeded with the breach to gather unique threat intelligence at the end of 2012.
At this moment the idea of CyberTrap was born. After 2 years of development Avi is now the CTO of CyberTrap and responsible for the operational service and product management topics.

Modern deception techniques in the age of failing prevention
The vast majority of organizations, which have dealt with professional hacking attacks in the past, know that these kind of adversaries are hard to get rid of.

Once you kick them out, they find new loopholes to re-enter the organization, targeting the crown jewels every time. If you play this game long enough you will realize at a certain point in time that neither a strong perimeter security nor conventional IT security will be sufficient to conquer this battle.

The challenge we are facing in SOCs nowadays is to reduce the time to detect those adversaries and to get valuable threat intelligence to increase the resilience of security infrastructure.

Darktrace, Luana Landolt, Senior Account Manager
Luana Landolt, Senior Account Manager at Darktrace, has worked in countries and markets all over Europe with a specific attention on Switzerland. As an experienced member of the Darktrace team, she is well placed to discuss Darktrace’s fundamentally unique approach to cyber defence.

Self-learning cyber defence through machine learning

  • How new machine learning and mathematics are automating advanced cyber defense
  • Why 100% network visibility allows you to detect threats as they happen, or before they happen
  • How smart prioritisation and visualization of threats allows for better resource allocation and lower risk
  • Real-world examples of unknown threats detected by ‘immune system’ technology

IDQ, Gilles Trachsel, Director Strategic Partner Management
Gilles Trachsel is responsible for managing IDQ worldwide partner through the entire sales lifecycle and for fulfilment of technical solutions to end customers. In addition, as Product Manager of the Network Encryption portfolio, he is in charge of understanding the business and security requirements of end customers in the area of Quantum Safe Cryptography.

Gilles brings to the role over 24 years of international business development, technical and product marketing management experience.
Prior to this role, Gilles spent a year and a half at LANexpert / Veltigroup.

Before joining LANexpert, Gilles spent more than 10 years at Juniper Networks Ltd., being responsible for the product and solutions marketing for the whole Enterprise portfolio throughout the EMEA region. He was also in charge of the Advanced Technologies division in Juniper, covering Eastern and South-Eastern Europe.

Prior to this, Gilles held a number of EMEA and Asia Pacific positions with Peribit Networks (successful US startup), U.S. Robotics and 3Com.

Quantum-Safe Security – How the threat of the quantum computer compels us to revise our security strategies
It is now well understood that a quantum computer, i.e. a computer which carries out its calculations by manipulating quantum objects known as qubits, offers tremendous computation power and enables to solve otherwise intractable problems.
In particular, quantum computers will break all existing public key cryptographic systems, and render our cyber security infrastructure obsolete overnight.

However, until recently, manufacturing a quantum computer, in essence a controllable macroscopic quantum object, was seen as mere science fiction, something which might become possible in the faraway future only.
Recent progress in this field, led by government and academia, but also by major companies like Google, Microsoft, IBM and also start-ups like D-Wave, have totally altered this perception.

It is now considered that a general-purpose quantum computer could be available within five to ten years. The cyber security community has to integrate this new risk into its strategy.

The aim of this session is to provide the audience with current progress in the field of Quantum-Safe Security. We will explain how to assess the risk to your security infrastructure, and suggest implementable solutions.

Kudelski Security, Christophe Wachter, Senior Security Analyst
Christophe Wachter has advanced cyber security knowledge and brings industry leading certifications in incident handling, reverse engineering and network monitoring which have assisted him in developing several Security Operation Centers and operating them. Before he joined Kudelski Security he worked in start-ups, software development and cryptography.

Tic, tic, tic … 146 days !
Currently, the time to detect threat actors after a compromise is much too long. Hundred days are needed in average which brings the breach impact to an incredible level. As a conclusion, current techniques and processes are not adapted to the actors the world is facing.

We will present you how we have addressed that issue very efficiently in an advanced threat actor case.

Kudelski Security, Martin Dion, Vice President EMEA Services
Martin Dion is Vice President of EMEA Services at Kudelski Security, previously holding the position of Vice President of Financial Services. Prior to joining Kudelski Security, he founded and led Above Security (Canada) and SecureIT (Switzerland) for over 10 years, after which he stepped into the role of Head of IT and Corporate Security in a private bank in Switzerland.
Martin holds a Bachelor’s Degree in Administration from the Hautes Etudes Commerciales, Montreal and a Diploma in Operational Risk Management from Kaplan University, Chicago. Martin is a Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM) and a Certified ISO 27001/20000/27005/22301 Trainer & Lead Auditor.

Bridging the gap between Cybersecurity & the Business
More than ever before, the field of cybersecurity is faced with greater challenges. Whether we like it or not, we are losing ground in terms of involvement in the projects while on the other hand, cybersecurity is of greater concerns to the top executive of the enterprises. The digital transformation that most modern organization are going through puts back the power of developing new opportunities, using technology, in the hands of the business people that are not as security cautious as we would like.
Without a common language and steering practices, Cybersecurity specialists are relayed to an after the fact audit role and still seen as technical specialist. Come see this presentation to discover the Secure Blueprint, an approach we have developed to bridge that gap and to win back a seat at the table.

Microsoft, Philipp Hunold, Lead Cybersecurity Specialist Western Europe
Philipp has more than a decade Cyber Security experience. He consults some of the largest enterprises in Europe how to fight advanced cyber threats, how to increase their cyber resiliency and improve their security posture in a modern environment.

Disrupting the kill chain
For an efficient cyber security program it’s important to understand the kill chain. We explain the techniques used by attackers and what typically happens after the first system is compromised.

Additionally we discuss opportunities to break that attack playbook and why you should protect your privileged credentials.

Nestlé, Rick Rietdijk, Globe Compliance Team Lead
Security professional for more than 10 years. Initial security expertise in the areas of Identity and Access Management, last few years focus has shifted to ISMS and risk management.

Managing cyber risks across a global organization
Our approach to managing our cybersecurity risks through certified Information Security Management System (ISMS) implementations and the endorsement of top management. Our journey in building awareness and risk management capabilities to manage cybersecurity risks from the bottom up whilst in parallel getting focus and support from the top of the organization.

ObserveIT/IBV, Kris Kormany, Business Analyst and Consultant
Kris Kormany, Business Analyst and Security Consultant, has been working with IT-Security products for several years. Always in focus: The human being and our behaviour in regards to critical data.
Having formerly worked as an IT system engineer in multiple environments, Kris has gained expertise in both the technical aspects of a company’s IT-infrastructure and also the organizational and human factors, such as employees’ strengths and weaknesses when it comes to handling critical business data on a daily basis.

Abracadabra! Transforming your internal users − your most vulnerable security link − into your greatest guardians
90% of security incidents are caused by insiders, according to the Verizon DBIR Report. How can you gain true visibility and control over who has access to your sensitive data? Security controls and methodologies have traditionally focused on a reactive approach to reducing risk. Now that we better understand the real threat of internal users- whether through negligence, lack of awareness, or harmful intent, it’s time to shift gears towards a more proactive approach to preventing breaches and risk.

Join us to learn how to:

  • Increase internal security awareness in your organization
  • Reduce potential risk by up to 50% by educating and shaping user behavior
  • Engage your employees as active guardians
  • Establish an effective Insider Threat Management program
  • Identify who your high-risk users are and assess/analyse risk levels (per employees, IT privileged users, third-party contractors…)
  • Vendor management: determine and manage their impact
  • Effectively deter high-risk malicious users
  • Detect early warning signals of user-based risk
  • Leverage Forrester’s industry forecast to determine the right processes and tools to combat changing security risks

Proofpoint, Adenike (Nikki) Cosgrove, Cybersecurity Strategy EMEA
Adenike Cosgrove is the Cybersecurity Strategist for EMEA at Proofpoint, where she drives product marketing and strategic initiatives across European markets, and provides expertise on regional challenges such as data privacy and compliance.

Prior to joining Proofpoint, Ms. Cosgrove was global product marketing lead for Email Fraud Protection at Return Path, a division acquired by Proofpoint in the summer of 2016.
In her role, Ms. Cosgrove participated as a subject matter expert in key conferences including the e-Crime series and the Gartner Security & Risk Management Summit in Maryland and was elected Vice Chair of the DMARC.org working group, tasked with developing a means of fagging fraudulent emails to consumers in cooperation with some of the world’s largest email service providers.

Earlier in her career, Ms. Cosgrove worked as lead EMEA advisor to security and risk professionals for Forrester Research and Canalys, where she developed a deep understanding of CISO challenges, and helped clients with their information and cybersecurity strategies.

Ms. Cosgrove holds a Masters of Research, Telecommunications from UCL (University College London).

Fighting the next generation of targetted Business Email Compromise attacks
Today’s advanced attacks focus more on exploiting human flaws than system flaws. Business Email Compromise (BEC) attacks that impersonate executives and business partners to trick your employees are the biggest cyber threat to organisations today. But what may surprise you is that the vast majority of BEC attacks are preventable.

Learn about the current BEC trends and attack methods, and how your organisation can identify and block these attacks before they reach the inbox.

Qualys, Leif Kremkow, Director Technology
Leif Kremkow, Director Technology, Qualys has been with Qualys for over 13 years now. Committed to working with Qualys’ customers to help make the most of the Cloud Platform and its dependant services. Prior to being Director Technology, Leif worked closely with CAC40 enterprise companies as a Technical Account Manager to define custom solutions, carefully respecting corporate culture, fostering user acceptance, and documenting processes.

Leif has been a speaker at various European events, such as Systems, Assises de la Sécurité, RSA Conference, InfoSec, or the CSO Interchange.

A German citizen living and working in France, Leif has a Bachelor of Sciences (Hons.) in Computer Systems and Networks from the University of Plymouth in England.

Hallmarks of a Successful Vulnerability Management Program
Leif Kremkow will review some fundamental principles of a how our customers built vulnerability management programs that were successful in their enterprises. Correctly identify the basic needs of your vulnerability management program and ensure that you don’t fall below the relevance poverty line. Anecdotes and examples drawn from existing deployments will illustrate how different answers to common problems of supplying food, shelter, and clothing to your vulnerability management program can lead to success.

RadarServices Smart IT Security GmbH, Harald Reisinger, Managing Director Service Management, Research & Innovation
Harald Reisinger is co-founder and Managing Director of RadarServices, the Vienna-based European market leader for Managed Detection & Response. He has over 20 years of experience in corporate management in the IT sector. He was the co-founder of Greentube Ltd., an European pioneer of massive multiplayer gaming. Before and during the IPO phase of betandwin.com (today bwin.party digital entertainment plc.) he was a member of their management and IPO team. In 2001, Harald Reisinger founded base-camp GmbH, which developed into one of the largest IT security companies in Austria. RadarServices originated from his idea for a next-generation IT risk management services.

Harald Reisinger studied international business at the Vienna University of Economics and Business and the University of Nebraska at Omaha.

Transforming a Cyber Defence Center into a Value Proposition
Nowadays, continuous and comprehensive Cyber risk detection represents an imperative for each and every organization. But how can you create a value proposition from establishing a Cyber Defense Center, the entity typically responsible for providing the overall IT risk management landscape? What needs to be done to create a transformation from raw security events into a process-driven Cyber risk management process, including linking single security events to business process risks?

We will show you how you can focus on risk remediation and mitigation, but not on the mammoth-task of risk analysis and evaluation by integrating technology, experts and processes. You will learn how you can reduce detection complexity, creating risk transparency and enabling focus on remediation priorities.

Rapid7, Samantha Humphries, International Solutions Manager
Samantha joined Rapid7 with a wealth of IT Security experience. She’s our resident expert in… well, everything. Her career has seen her through sales, technical support, marketing, channel support, incident response and research management so it’s safe to say, she understands needs from many different perspectives. In recent years, Samantha has been more involved in product and solutions management, and she’s excited to be with you today to talk to you about attacker behavior and incident response.

Lying to know the truth
Attackers commonly use deception techniques to infiltrate and breach networks. Lying to Know the Truth shows you how deception isn’t just for attackers, it can help you detect nefarious activity early in the attack chain.

Join us as we discuss:

  • Common attacker reconnaissance techniques
  • Hiding in plain sight – when is a user not a user?
  • The lies you should tell attackers

SailPoint, John Waters, Technical Sales Europe
After graduating in business management, John Waters worked for several years as a business consultant with the main focus on process procedures and organizational structures. In the business process reengineering projects, the issue of governance, risk and compliance has become more important.
At this time John begun to deal with the theme of data governance since virtually all business processes need data exchange as a kind of “fuel” for the processes, But if these data get lost, it will take very high costs and effort to correct the hurt. Lau John, Data Access Governance is not just a matter of data security and compliance, but above all, a very important contribution to business enablement.

together with

SkyPRO AG, Andreas Fuhrmann, CEO
Andreas Fuhrmann founded the IT service company SKyPRO AG together with his brother Horst after completing his studies as computer engineer at the ETH Zurich . Today the company employs around 50 people and has his headquarter in Cham, Zug, a development center in the Ukraine and a sales company in the USA.
Andreas Fuhrmann has been a consultant for Identity & Access Governance for more than 15 years. During this time he successfully implemented various IAG projects at major banks, insurance companies, industrial companies and public administrations. Due to his practical experience, he has extensive knowledge in the area of Identity Access and Security.

The anatomy of a data breach
At the core of a successful data security strategy, is having an understanding of how data breaches occur, breaking these down into phases, and applying measures to address causes at their root. Do you ever imagine putting in place a network of sensors, protecting your sensitive data, detecting unwarranted behavior and remediating?
At SkyPro, we have developed a strong understanding about how data breaches occur and have established methodologies of people, processes and technologies as to how organizations can address the root causes of data breaches in a sustainable way.

Securosys, Andreas Curiger, Founder & CTO/CSO, President of the Board of Directors
Dr Curiger has been an information-security professional for his entire business life. He started his career in the semiconductor business designing algorithms and hardware circuits for cryptographic applications. Then he moved on to designing and manufacturing hardware-based high-security solutions for governmental customers worldwide. With Andreas, Securosys is bringing the technology of high-end security that has previously been exclusively reserved to governments, to the enterprise market.

Andreas holds six patents and has authored and co-authored numerous scientific papers on cryptography and hardware design. He earned his M.Sc. and his Ph.D. in Electrical Engineering from the Swiss Federal Institute of Technology (ETH), Zurich, Switzerland, and his EMBA degree from the University of St. Gallen (HSG), Switzerland.

The key to security is in the Hardware — Why we need to use secure Hardware in our ICT Systems
Attacks on digital information of all kinds (such as corporate data, measured values or control commands) have been fact of life in the networked and mobile age since the early years of the Internet. The software industry has been trying hard to close security gaps and keep malicious software away from the IT systems.

With the consistent implementation of zone concepts (firewalling) and security mechanisms (authentication and encryption), a high protection level is achieved in principle. However, the largest vulnerability is at the interface where unprotected data is encrypted or decrypted using cryptographic keys, or legitimate system users are authenticated. Software alone does not prevent attacks on this interface. Secure and trusted hardware must be used.

This presentation shows why standard hardware is not sufficient at this interface and how dedicated hardware must be built to ensure the security of IT networks — whether the user is a human being, a machine, or a sensor.

SentinelOne, Andy Norton, Risk Officer – EMEA
Andy, has been an IT security professional for over 20 years, specializing in helping organizations to measure levels of risk and implement new methods of control, not all of them have been successful, sometimes the technology fails, sometimes the culture fails, sometimes we fail to understand the risk.

However, these failures have occasionally led to great innovation, the development of reputation security at IronPort, was one career highlight, researching field intelligence for FireEye to help boards understand risk was another. His latest chapter is to aid the reform of the whole process of security by baselining with endpoint instrumentation.

Elastic Defence
Overview of the current chaotic threat models in use by various malicious groups, and the challenges in demonstrating appropriate levels of security for a given risk at a reasonable cost. An insight at the uses of machine learning to detect and respond to different threat actors.

ServiceNow, Myke Lyones, Director and Head of Strategy
Myke is a Director and Head of Strategy for ServiceNow’s Security Business Unit helping larger companies better respond to imminent security incidents, quickly find indicators and observables of compromise, and effectively remediate known vulnerabilities. Myke has over 16 years experience in information technology and security.

Prior to moving to the Security Business Unit, Myke led ServiceNow’s information security group and was brought on board to help secure the cloud startup while creating a mantra of transparency. He has also held Senior Security positions at Grey Global Group, Y&R, WPP Group, and GE Capital

Break the silos between Security and IT Operations
Security and IT Operations use on a daily basis more and more sophisticated solutions to protect their assets and detect a potential breach. We hear more and more about Machine Learning and Artificial Intelligence, but in terms of Incident Response, organizations still rely on manual processes that do their best to link together siloed teams in order to respond fast.

Listen to Myke Lyons to learn how Security can better collaborate with IT Operations to resolve real threats faster using structured and automated response processes to prioritize and resolve incidents based on business impact.

Splunk, Alain Gutknecht, Staff Sales Engineer
Alain is an experienced IT professional and has held a range of engineering roles during the course of his 20-year career. Prior to Splunk, Alain worked for vendors including VMWare, Sun Microsystems and Silicon Graphics.

Best Practices for Scoping Infections and Disrupting Breaches
Infection and exploits will occur. The new goal is to prevent those infections from becoming a data breach. To do this successfully, security analysts need the ability to continuously collect, analyze, correlate and investigate a diverse set of data.

Listen to this session to hear Alain Gutknecht discuss the specific data sources and capabilities required to determine the scope of an infection before it turns into a breach. See a live incident investigation that demonstrates this approach.
In this session, you will learn:

  • The capabilities required to distinguish an infection from a breach
  • The specific analysis steps to understand the scope of an attack
  • The data sources required to gain deep and broad visibility
  • What to look for from network and endpoint data sources

SUA Telenet GmbH, Markus Martinides, CEO and independent IT Security Audit Expert
Markus has been in the IT-GRC and Telecom-Network IT-Software and Datacenter Industry for over 30 years. Has been working for Alcatel (now Nokia), ADT (Security Services), Intermec (now Honeywell) and Huber & Suhner Radio & Mobile Communications. In 2001 he started his own business with SUA Telenet GmbH in Schaffhausen Switzerland.

Markus holds a Degree of Electrical and Informatics Engineering from Swiss Federal Institute of Technology (ETH) Zürich 1986. He is specialized in Information and Communication Technology, Project Management and Cloud Based Applications. He is an expert on Privacy, Data-Protection and Encryption in the Health-Industry, Banking, Insurance and Governmental Infrastructure environments.

Security Audits – How secure is your IT landscape?
You have already meticulously introduced security concepts (ITIL, ISO, Cobit) under tremendous cost and are surprised that you are still being successfully attacked? Then it is time for a technical security audit in which configuration errors and technical weaknesses from the optics of the attacker are systematically and relentlessly detected in your IT systems.

Security expert Markus Martinides shows in the seminar how to audit all critical system areas during an audit. Based on many practical examples, the lecturer shows how an audit is designed, the costs involved and how the results are implemented.

Vectra Networks, Matt Walmsley, EMEA Director
Matt Walmsley is EMEA Director at Vectra Networks. Matt has over 25 years’ experience in helping organisations deploy and secure their network infrastructure having worked in a variety of pre-sales consultancy and technical marketing roles for global technology companies such as Endace, Hewlett Packard and 3Com.

A self-professed “network guy” Matt joined Vectra Networks with a remit to help organisations transform their security response capabilities by using AI powered advanced threat detection solutions. Matt is based in the United Kingdom, and holds a Masters in Business Administration.

Using AI to catch in-progress cyber attacks
Cyber attackers operate undetected for an average of 146 days but obtain admin credentials in less than 3, and 53% of attacks are only discovered after notification from an external party. The complexity and velocity of attacks is increasing whilst traditional security capabilities become overwhelmed. Detecting active attacks, reducing dwell time and accelerating incident response is a top priority.

In this session, you will learn how different artificial intelligence techniques can be combined to automate the detection of in-progress cyber-attacks within your network. We’ll explain how automated threat hunting can even handle encrypted traffic, whilst still maintaining the privacy of your users. Then we’ll share a case study of a real attack detected using this AI approach.

We’ll close by demonstrating how to integrate such a capability into your existing security technology stack to force multiply your security response capability, and close your cyber detection gap.

Virtual Solution AG, Thorsten Meyer, Director of Product Management
Thorsten Meyer has been a mobility professional over the last 20-year extensive knowledge in building and managing profitable products with global coverage in the Information & Communication Technology sector. Thorsten has a passion for bringing new communication concepts to the market and defining new ways of collaboration and communication.

Secure Mobile Communication – The Future of Mobile Productivity
New ways of secure mobile communication and secure data exchange are getting more and more on the radar of CSOs, CFOs and CTOs. Employees are looking for a convenient way to work anywhere from corporate device or BYOD.

New simplified mobility services overcome traditional MDM challenges. This presentation will show you new ideas on how to simplify enterprise mobility while delivering a solution that has high user acceptance and fits your enterprises mobile strategy.

WEIDMANN ELECTRICAL TECHNOLOGY AG, Florian Büchting (CIO) and Marco Krieg (Corporate IT Services)
Florian Büchting has been the CIO of the company and responsible for the corporate IT services for the last 9 years. Together with Marco Krieg, who has been working in the company’s IT Network and Security service for several years, they face the problem of implementing a reasonable level of IT security due to few business requirements. Finding the happy medium between enough security to protect the company and not interfering with business operations is the challenge.

Workshop: Best practice approaches to information security with limited financial resources and few business requirements
This workshop aims to discuss and exchange information security considerations within companies, especially those acting in the industry sector, with limited financial resources and few business requirements to implement an appropriate information security concept. The following topics shall be discussed in particular:

  • Does your company have a security officer (CISO, Risk Manager)? If so, where in the organization is that person?
  • How are security requirements between business and IT being coordinated?
  • What is your current information security concept and what is your future strategy?
  • What are your companies biggest risks?
  • How much can you spend on IT security?
  • Do you use security metrics for internal leadership and benchmarking reasons?

WEIDMANN ELECTRICAL TECHNOLOGY AG, a member of the WICOR group and a global manufacturer of electrical insulation solutions, will briefly present their current situation and would then like to start an open discussion with the audience. Other companies are free to present their situation as well.

 

Moderators

Arnet Consultants, Mark Arnet, owner and former FBI Special Agent
Arnet Consultants, Mark Arnet is a former Special Agent with the FBI, and was certified in computer forensics and trained in Cyber-Crimes and crises negotiations. Mark used his forensics and cyber skills investigating cyber and financial crimes, and crimes against children. Most recently, Mark was a Watch Commander at FBI’s CyWatch in Virginia, and later went on to a lead role in the FBI’s next generation case management software at FBI Headquarters in Washington DC.
Mark’s passion is protecting against cyber threats and is working with Lattis Networks to provide information technology and physical security consulting services to sensitive and classified businesses. Prior to entering the FBI, Mark was an Aerospace Engineer and holds a Bachelor’s degree in Mechanical Engineering and a Master’s degree in Aerospace Engineering.

Exeon Analytics, Dr. David Gugelmann
Dr. David Gugelmann is a security analytics researcher and the CEO of the ETH Spin-off Exeon Analytics. Prior to founding Exeon Analytics GmbH in 2016, he was a postdoctoral researcher at ETH Zurich in the Networked Systems Group. His research interests are in big data analytics, digital forensics and machine learning for anomaly detection. He combines these areas by developing big data security analytics solutions to summarize and visualize network data.

Flashpoint, Maurits Lucas, Director Strategic of Accounts
Maurits Lucas is a Director of Strategic Accounts at Flashpoint. As a member of the Business Risk Intelligence (BRI) team, Maurits specializes in bridging the gap between technology and business to address the unique security challenges often faced by today’s executives. He has dedicated himself to analyzing long-term trends and emerging threats emanating from the Deep & Dark Web to help business leaders across the enterprise leverage such information to make informed decisions and mitigate risk.

Previously, Maurits lead the cyber intelligence team at one of Europe’s oldest cybersecurity firms. He was the driving force behind a collaborative portal and unique approach to cyber intelligence. Maurits is a subject matter expert on cybercrime and has had the pleasure of presenting his research numerous times to distinguished audiences all across the globe.

ISSS, Umberto Annino, President
Umberto Annino, president of the ISSS association with 1’100 individual and company members, has 20 years of ICT experience and has been active in security for 15 years; as a senior consultant as well as a lecturer for information security, technical data protection and IT risk management. In addition to the board activity at ISSS, Umberto is responsible for the education and certification issues at ISACA Switzerland Chapter.

ISACA, Jiri Ceijka, Dipl. El.-Ing., CISA, Quality Auditor ISO9000
Jiri Cejka has studied Technical University (CVUT) in Prague, Electrical Engineering Faculty (FEL), Technical Cybernetics department, specialised on aeronautical and navigation instruments.

He was long-time developer of Stock-exchange Systems, co-working on development of IT Audits and Governance methods at KPMG as well as IT Audit Leader and Manager of IT Transformation Programme at OC Oerlikon.

He is ISACA member, since 2007 member of Academic Relation Committee of ISACA Headquarters. He was co-working on ISACA Student Book “IT Governance Using COBIT and Val IT” and on the development of IT Governance teaching programme for universities “Model Curriculum for IS Audit and Control”, later reviewing the programme at 28 Universities worldwide. In 2013-14 he’s been co-working on the ISACA strategic study «Role of Information Trust Value professional». In 2015 he wrote an ISACA Article «“Audit of Cyber Risks: Responsibility of Management and Challenge for Auditors».

His areas and competencies are: GRC, IT & Cyber Security, IT Risk Management, Programme Management, BCM and IT Audit.

modzero AG, Max Moser
Max Moser works at his self-founded company modzero AG as an IT Security Consultant for large and medium-sized businesses. As a ‘paid hacker’ he attacks software and hardware products by order of his customers to test their security or helps customers to improve their overall security.
Max Moser is an active member of the IT Security scene for over 20 years and known for his innovative security research as well as several Open Source projects.

University of Innsbruck, Christian Sillaber, Researcher

Christian Sillaber is a researcher at the Institute of Computer Science at the University of Innsbruck, Austria. His research interests are in the areas of governance, risk and compliance management and security process engineering.

Mobile Menu