SIGS Special Event

Let’s Analyze and Respond to Data Breaches

Click on the .ics file to save the date

Target Audience Information Security Professionals
CIO’s, CISO, IT Manager, Security Officer, Security Architects and Engineers – all from end customer side who are interested in IT Security

From Consultancies and Resellers/Integrators are only technical people allowed to take part. Vendors and people with a Sales/Marketing role are not authorized as participants.

CPE Credits Earn 4.25 CPE (Continuing Professional Education) for attending this SIGS Afterwork Event. Please request a confirmation.
Location Hilton Zurich Airport Hotel
Hohenbuehlstrasse 10
8152 Opfikon-Glattbrugg

There are a lot of free parking places available.
Train: railway station Zurich Airport – take the Hotel Shuttle

Date of Event 5th of September 2018
Language English
Schedule see agenda below
Participation Costs Fr. 55.— per participant
Organization, presentations, beverages and aperitif included

Agenda

1:30 – 2:00 Registration & Coffee
2:30 – 2:30 Welcome & Introduction by the Moderator
2:30 – 3:15 Dr. Cristian Zamfir, Co-founder and Chief Operating Officer at Cyberhaven
Dr. Cristian Zamfir co-founded Cyberhaven and leads operations. Cristian is the inventor of Execution Synthesis, which is an acclaimed technique that automates the debugging of concurrent software. Cristian previously held research positions at UC Berkeley and Microsoft, and earned a Ph.D. in computer science from EPFL. Cristian is the recipient of an Intel award for his research on automated debugging and also won the gold medal in the Open Source Software World Challenge competition.

In-depth Analysis of Recent Data Breaches
Many of the famous security events in 2017 and 2018 were data breaches. A data breach is more than a regular security incident which compromises the integrity, confidentiality, or availability of data, instead it is a confirmed access from an unauthorized third party to sensitive data.

This talk will provide an overview of some of the most prominent data breaches in 2017 – 2018 broken down by industry sector. But we will not only talk about these breaches, we will analyze in depth how the breaches occurred, what was the root cause, and will provide some pragmatic best-practice measures to reduce the risk around similar data breaches.

3:15 – 3:45 Sven Vetsch, Partner at Redguard AG
With more than a decade of experience in the field of information and IT security, Sven is nowadays focused on adversary simulations and the security aspects of emerging technologies. At Redguard Sven is leading the research unit to ensure that both the offensive and defensive capabilities of the company are always on the leading edge of new developments in the security sector.

Attack Simulation – A risk driven approach to penetration testing
For a long time penetration tests have been the obvious choice when trying to identify security issues and vulnerabilities in infrastructure and applications alike. By design, penetration tests have a very specific scope which works well for well-defined targets.

In a modern environment however, where a lot of systems interact with each other and employees travel the globe while working, defining a useful and clear scope for a penetration test becomes very challenging. In this presentation you will learn why in most cases Redguard prefer Attack Simulations instead of penetration tests. Attack Simulations are risk driven and allow identifying even very complex security issues including organizational risks without being limited by a scope that only includes specific servers and applications.

3:45 – 4:15 Coffee Break
4:15 – 4:45 Max Moser, Owner, Hacker & Senior Security Consultant at modzero ag

Analysis Paralysis – Wer viel misst, misst (viel) Mist!
Hunting for Attackers can be frustrating and exhausting. Why are attackers still able to act undetected within an organisation? Are they truly undetected or are we just numbed by the overhelming amount of data? What makes it so hard to identify the malware in the first place and where did we loose trust in our own environment? What are the real challenges for all the modern detection mechanisms?

Max will deliver his personal view on these highly controversal topics – formed over nearly two decades of experience in penetration testing, incident respone analysis and red and blue teaming.

4:45 – 6:00 Stuart Mc Kenzie, VP EMEA at Mandiant Consulting

Table Top Expertise: They‘re inside your network – now what?
If you don´t know how to manage a Cyber Attack, a crisis can become a disaster. Let’s change that.

Join us for a Cyber Attack Simulation and find out the right way to manage events inside and outside of your company when a Cyber Attack occurs.

  • Practical and engaging to understand threats and risks and responses
  • Build confidence in taking the right actions that will protect your company in the event of an attack
  • Gain deep understanding of the consequences of specific actions
  • Participate in a real time attack to take back control

As an attendee, you will spend time with an Mandiant consultant to evaluate your organizations ability to effectively execute your cyber incident response plan through scenario gameplay.

Recommendations are given based on real-world incident response best practices.

6:00 – 6:30 Summary and Take Aways – Podiums Discussion

6:30 – open end Apéro Riche & Networking
The speakers will be onsite for Q&A

The sponsors of this event are:

Registration

This is a ‘must attend’ event for all security professionals! We are confident that the relationships you develop here will prove to be crucial to your continuing success.

Register here!


With the registration for this event you accept, that SIGS may use the data entered for its own purposes and may share it with its event partners and event sponsors of this specific platform.