SIGS Special Event

Improving Password Security through Analytics and Quality Assurance

Click on the .ics file to save the date

Target Audience Information Security Professionals
CIO’s, CISO, IT Manager, Security Officer, Security Architects and Engineers – all from end customer side who are interested in IT Security

From Consultancies and Resellers/Integrators are only technical people allowed to take part. Vendors and people with a Sales/Marketing role are not authorized as participants.

CPE Credits Earn 3.75 CPE (Continuing Professional Education) for attending this SIGS Afterwork Event. Please request a confirmation.
Location Hilton Zurich Airport Hotel
Hohenbuehlstrasse 10
8152 Opfikon-Glattbrugg

There are a lot of free parking places available.
Train: railway station Zurich Airport – take the Hotel Shuttle

Date of Event 5th of December 2018
Language English
Schedule see agenda below
Participation Costs Fr. 55.— per participant
Organization, presentations, beverages and aperitif included

Agenda

2:00 – 2:30 Registration & Coffee
2:30 – 2:30 Welcome & Introduction by the Moderator
2:30 – 3:15 Octav Opaschi, Senior Technical Security Consultant at Detack GmbH

Getting ahead of the attacker
How do hackers operate, how do they “land & expand”, and how can organisations create dead-ends? Octav will discuss the anatomy of a data breach, and how swift password recovery is key to most phases of a breach.

During this session, Octav will also set up a live, simulated attack job on approximately 20,000 password hashes, in a secure and tamper-proof environment. This job will run for a couple of hours, and we will collectively discuss the results, to kick start the panel session before dinner.

3:15 – 3:45 Max Meier, Senior Technical Security Architect with AXA Winterthur
Max Meier is working as Senior Technical Architect Security at AXA Switzerland. For more than 25 years his focus has been on security topics. Formerly as mainframe security engineer and head of security services. Since 2011 he is working as technical security architect.
He works regular in several projects and his core competence is identity and access management with focus on security.

In addition to his work as architect he is lecturer at Lucerne University of Applied Sciences and Arts. There he teaches in “Identity and Access Management” for master or bachelor educations in Information Security and Data Privacy Officer (DPO).

Quality assuring passwords – what this is, and how this is realised?
Max will share his experiences on the practice of password quality assurance, the process and the contribution to overall security postures.

3:45 – 4:15 Thomas Schlienger, CEO of TreeSolutions

Measuring security awareness
Examining the anatomy of a data breach, Dr. Thomas Schlienger will illustrate their model for fact-based, password training, and how analytics & progress reporting, is emerging as a key element for the measurement of the impact of awareness programs, whilst, measurably improving password postures.

4:15 – 4:45 Coffee Break
4:45 – 5:15 Bert Brüderlein, Information Security Officer at LBBW Asset Management

Zero-trust for privileged accounts (in German)
Bert Brüderlein will discuss their approach to rolling out their password quality assurance program to the end users, impact measurement and how they have realised their zero-tolerance approach towards anomalous privileged credentials.

5:15 – 5:45 Tomasz Lawicki, Manager of “Stand der Technik” at TeleTrusT

Best practices
TeleTrusT is the German IT Security association, and their impartial, “Stand der Technik” analysis, is very often the reference point for security managers and regulations. The manager of Stand der Technik, Tomasz Lawicki, will discuss their methodology, a pragmatic approach for organisations to evaluate the validity of merging security paradigms.

5:45 – 6:30 Results from the live analysis and moderated panel discussion

6:30 – open end Apéro Riche & Networking
The speakers will be onsite for Q&A

The sponsors of this event are:

Main Sponsor Co-Sponsor

Registration

This is a ‘must attend’ event for all security professionals! We are confident that the relationships you develop here will prove to be crucial to your continuing success.

Register here!


With the registration for this event you accept, that SIGS may use the data entered for its own purposes and may share it with its event partners and event sponsors of this specific platform.