SIGS Technology Conference – Cloud Security Day

All presentations are held in English

Keynotes

Cisco, Tjerk Bijlsma, Technology Officer, Data Center EMEAR

As Technology Officer of Cisco’s EMEAR Data Center team, Tjerk is focused on evangelizing the Cisco DC vision, strategy and technology to executives, architects and engineers. Tjerk also represent Cisco at public events speaking where he shares Cisco’s vision for the data center future. A part of Tjerk’s focus is incubating new emerging DC technologies into Cisco and preparing them for public launch. Recent examples of these include Cisco ACI (Application Centric Infrastructure) in 2013, Cisco HyperFlex and Cisco Tetration in 2016 and AzureStack in 2017 and Cisco Network Assuance in 2018.

DC Security Transformation, and how the IT specialist is impacted

Security has become a function of the new modern DC fabrics, no longer an afterthought add-on. This extends from on-prem into multi-cloud. What are these technology innovations that make this possible? And how are they impacting the IT specialists? Join us and find out.

ERNW, Matthias Luft, Security Researcher & CEO

Matthias Luft is a security researcher and heads the German security company ERNW. He is interested in a broad range of topics (such as DLP, virtualization, and network security) while keeping up with the daily consulting and assessment work. Matthias presents on a regular basis at international security conferences (e.g. BlackHat or Infiltrate) and is involved in the organization (e.g. part of the program committee) of the security conference TROOPERS.

Using the Modern Application Stack to Improve Security

Containers, DevOps, Continous Delivery, and Infrastructure-as-Code are common terms in today’s corporate landscapes. In this presentation, will not focus on the potential security issues in those technologies but how they can be used to actually improve the security posture of your environment. Key aspects will be the use of Infrastructure-/Platform-as-Code data to perform security reviews, DevOps approaches and how they allow to build immutable systems, and security features (such as secret management) that are built into the modern application stacks.

Gemalto IDP, Guido Gerrits, Market Owner Identity & Access Management

As Market Owner of Gemalto’s Identity & Access line, Guido Gerrits maintains a focus on Identity Security and data protection for both the government and enterprise sectors. Guido brings over 10 years of experience in Multi-Factor and Access Management. Before moving to the Market Owners role, Guido supported as Account Manager large channel partners and their end users solving IAM needs. He received his degree in electrical engineering at the Fontys University of Applied Sciences in Eindhoven, the Netherlands.

From today’s User Authentication to the Identity & Access Management of the future

Digitization, cloud services, mobile devices and data protection regulations. Authentication is one of the key topics in information security and the requirements are changing dramatically. François Lasnier presents the Gemalto vision of access management of the future through virtualization and by merging different technologies to one solution.

ipspace.net, Ivan Pepelnjak, Independent Network Architect

Ivan Pepelnjak, CCIE#1354 Emeritus, is an independent network architect, book author, blogger and regular speaker at industry events like Interop, RIPE and regional NOG meetings and DIGS events. He has been designing and implementing large-scale service provider and enterprise networks since 1990, and is currently using his expertise to help multinational enterprises and large cloud- and service providers design next-generation data center and cloud infrastructure using Software-Defined Networking (SDN) and Network Function Virtualization (NFV) approaches and technologies. Ivan is the author of several books covering data center technologies, highly praised webinars, and dozens of data center and cloud-related technical articles published on his blog.

Three Paths of Enterprise IT

We keep hearing about disaggregated infrastructure, whitebox switching, virtual network functions, Google-Infrastructure-for-Everyone-Else (GIFEE), hybrid clouds… and the more we try to figure out where these ideas might be relevant in our infrastructure, the more confused we get. As Ivan Pepelnjak will explain in his keynote, it’s time to realize that not all IT environments are equal. Apart from the traditional Service Provider/Enterprise split, we’re approaching another major junction where enterprise IT teams will have to decide whether they want to use their infrastructure as a strategic asset or get rid of it and move to the cloud.

LAUX LAWYERS AG, Christian Laux, Attorney-at-Law and Partner

Christian Laux, LL.M., is attorney-at-law and partner at LAUX LAWYERS AG. He has extensive experience with technology and its legal implications, and advises on all aspects of IT law. Contracts, outsourcings, and Data related issues are at the core of his practice. Christian combines his experience both as inside counsel as well as his practice as outside counsel with a passion for technology. Christian is board member of several organizations operating at the cutting edge of data, policy and the law.

Internet of Things: A Concept for the Future

This presentation will focus on Internet of Things (IoT) and what it is that makes IoT a core theme for the future. Digitization and automation of workflows implies that things, devices and processes will be tagged by a variety of means to track them.  The result is that data are being generated, extracted from the sphere of those who own the devices or the instruments used in those processes, and then conveyed to central storage facilities of the system operators.  There, processing takes place (Big Data, Analytics), and the results of the analytics processes can be reused in further projects. – The workflows that are being outlined during the presentation trigger a number of legal issues. The legal issues can be properly addressed, but should be, too.  The presentation will cover the aspects relevant under the GDPR, and ePrivacy regulations (yet to come):

  • How to design an IoT-System?
  • What minimum requirements need to be met, from a legal perspective?
  • How to perform Analytics once the data has been transferred to the system operator’s servers?
  • What is the difference between Profilings and Big Data, anyway?
  • How to reuse the Big Data that has been generated? How to “ship” such data into industry 4.0 contexts?
  • What does all this mean for the future? Will we soon live in a fully automated world? What will be the role of automated individual decision-making in IoT applications?

Netskope, Neil Thacker, CISO EMEA

Neil holds 20 years experience in the Information Security industry with 10 years financial services experience in the insurance and banking arena. Neil is a member of the ENISA Threat Landscape stakeholder group where he contributes to the EU agency program alongside CERTs to position the threat landscape, offer mitigation advice and threat analysis innovation. Neil is also co-founder and board member of the Security Advisor Alliance, a not-for-profit organisation formed to help security leaders in their role, engage and support interest in the infosec industry and offer advice and tools to move organisations towards improved risk and data-centric strategies.

Cloud Security: Assume context at your peril

Organisations have embraced the cloud however todays CISO is playing catch-up to ensure they can adequately control and manage the risk.  This talk will cover the fundamentals of both cloud application and cloud data security and how CISO’s and information security leaders can understand risk from an organisational, and more importantly, contextual level.  This talk will cover:

  • Why visibility through cloud application discovery is a first critical step
  • Apply Identity, Application and Data controls to cloud services
  • Report on business risk to key stakeholders to fulfil the requirements of the GDPR

Presentations

Avi Networks, Christian Treutler, Product Manager Security

Christian Treutler, application security expert and technology enthusiast, is a long time security advocate with focus on defending applications against threats in this hyper-connected world. In his position as Product Manager Security for Avi Networks, he uses his engineering background to push the boundaries of what application defence can offer. He is especially interested in designing security tools that make DevSecOps jobs easier by enabling application defence through automation and better visibility of attacks.

Roundtable: Application security in continuous delivery pipelines

Applications today are deployed in fully automatic environments like micro-services, containers or clouds, which allow for seamless load balancing, auto-scaling and other infrastructure-dependent services. To secure such applications many different security policies need to be applied, like SSL/TLS, ACLs, IP Reputation, WAF and more. Traditional application security products will not work well in such environments, because they are usually not built for them. Over the last 10 years I have worked with large and small customers to rethink and implement security for their applications. In this session we will explore many challenges that companies are facing when moving applications to a DevOps approach and cross reference them with participant experience if possible. After the analysis of these challenges we will outline possible solutions for enabling application security alongside continuous application rollout. As a result participants should have a good understanding of what an automated and integrated application security solution could look like.

Centrify, Barry Scott, CTO EMEA

Centrify’s Barry Scott has over 25 years of UNIX, Windows and Linux experience working for many major organisations in various Infrastructure Operations and Architecture roles, across different industry verticals. For the past 12 years, Barry has been helping organisations manage their Identity Management and Auditing challenges, focusing on security, regulatory compliance and operational efficiency, especially using “AD bridge” technology. Barry’s current role is focused around enabling Centrify customers to use infrastructure they already own – Microsoft’s Active Directory – to control, secure and audit heterogeneous systems, mobile devices and applications, and also providing them a unified identity service across data centre, cloud and mobile using Centrify’s on-premises and Cloud-based solutions.

Workshop: Zero Trust Security – Never Trust, Always Verify

Organizations spent a combined $170 billion on cybersecurity in 2016 and 2017 . During the same period, 66% of organizations experienced and average of five or more data breaches. A larger security budget simply won’t solve the cyber security problem. An entirely new approach is required — Zero Trust Security. The benefits of Zero Trust Security are crucially important in this climate of ever increasing number and scope of security breaches. Zero Trust Security:

  • Covers the broadest range of attack surfaces, ranging from users, endpoints, and networks to resources
  • Enables organizations to increase business agility through the secure adoption of cloud and mobile solutions
  • Provides a framework to properly manage the risk of exposing sensitive apps and infrastructure to business partners
  • Creates satisfied, productive users by ensuring the proper controls are in place to address appropriate levels of risk without requiring a heavy-handed, maximum-control approach regardless of the risk posed

Check Point, Stephan Fritsche, Cloud Security & IaaS Manager

Stephan Fritsche, Dipl. Ing. (FH) Computer engineering, started his career after graduating as a specialist for routing and switching systems, followed by business development positions at system integrators and a distributor. At Nortel Networks, he held various channel positions, including managing large partners and being responsible for 2-tier business in Germany. At Cisco, he guided large partners into the data center and cloud world. For the last few years he has consulted customers as a Product Sales Specialist in the Data Center & Cloud sector. In 2017, he stared working at Check Point Software Technologies and took over responsibility for the Cloud business in Central Europe.

Workshop: Cloud – Agile and dynamic but also secure – Blueprint & Demo

As stated above, organizations are looking to better utilize their IT resources and align them with the latest and greatest that the cloud has to offer: <ul)

  • Agility – decrease the time to market interval
  • Elasticity – expand and shrink resources on-demand
  • Efficiency – only pay for what you use
When designing your cloud-based environment, it is fundamental that the architecture aligns with your and your customers’ business use cases all while keeping an uncompromised approach to security. This presentation highlights the required principles and best practices to follow in order to build your cloud based environments in a secure manner.

IWelcome, Paul Vriens, Solution Architect

Paul Vriens is CIAM/IDaaS Solution Architect at iWelcome. In his role Paul is leading and designing complex identity projects on a daily basis, also dealing with new regulations as GDPR. Before joining iWelcome, Paul worked as a Security Architect, and later as Managing Consultant at CA Technologies. His background in Security and knowledge of GDPR make him a valued sparring partner at the intersection of seamless customer journeys and the right level of privacy protection and security.

Identity and IoT – how to manage complex user interactions in the cloud

The Internet of Things is transforming how we live. But is also changes the Identity Management landscape. Multiple users connected to multiple devices and things lead to different levels of user rights, mandates and extensive consent management. How to manage these complex user interactions in the cloud? In this workshop we’ll look upon the platform of the future, and you’ll get some practical examples.

Juniper Networks, Andre Doehn, SE Manager DACH

André Döhn, a Security professional has held a range of engineering and pre-sales consulting roles during the course of his 20-year career in helping enterprise and service provider customers to deploy and secure their network infrastructure. André has worked for vendors like VMware as network virtualization consultant and is currently leading the Pre-Sales Team of the DACH organization at Juniper Networks. He also acts as lead for cloud technologies and therefore has a strong focus on security for multicloud environments. The promise of multicloud is to deliver an infrastructure that is secure, ubiquitous, reliable and fungible and where the migration of workloads will be a simple and intuitive process. For IT to be successful in becoming multicloud-ready, it is critical organizations consider not only the data center and public cloud, but also the on-ramps of their campus and branch networks. Otherwise, enterprises will face fractured security and operations as network boundaries prevent seamless, end-to-end visibility and control.

Intent-driven Security policies for Multicloud environments

Security administrators are faced with an ever-increasing list of threats to their applications, whether they are deployed in development, staging, production, or public cloud environments; running on bare-metal servers, on virtual machines, or within containers; or orchestrated by OpenStack, Kubernetes, or OpenShift. Workload mobility in modern cloud environments exacerbates the problem, adding a new level of difficulty for securing workloads that migrate frequently. As a result, the network perimeter is now blurred, rendering traditional perimeter-based application security measures insufficient, inflexible, and extremely cumbersome and costly to manage. The solution we are introducing allows writing Policies based on known application attributes defined by tags, labels, and other grouping constructs can be universally applied in various environments without having to rewrite them every time. The solution is also providing critical insights into traffic flows, establishing a new security paradigm that reduces the overall number of policies, simplifies enforcement, and provides greater visibility into hybrid cloud environments.

Keyon AG, Alex Pattupara, IT Security Consultant

Alex J. Pattupara, IT Security Consultant at Keyon, is a cyber security expert in the field of Enterprise Mobility & Security consisting of Azure Information Protection, Intune, Rights Management Services, and Cloud App Security. In strong collaboration with customers, he planned and realized several strategic projects for large enterprises in the field of finance, insurance, manufacturer, energy and infrastructure.

Keyon AG, Sven Staible, Project Manager and Senior Software Engineer

Sven Staible received 1997 a degree in Electrical Engineering from HSR Hochschule für Technik Rapperswil, a member of the University of Applied Sciences of Eastern Switzerland (UAS). After graduation, he worked for three years as Software Engineer in embedded systems/ISDN at Ascom. Sven has been working for Keyon since 2000 as Project Manager and Engineer in the area of software-engineering and IT Security integration. He is a member of the board of management.

Secure collaboration with Intune – BKW Success Story

Microsoft EMS big picture – holistic solution The cloud and mobility are reality. Data is transferred between organizations, users, devices and applications, regardless of their location. The challenge is to identify sensitive information and take the right measures to ensure data security and protection. Microsoft Enterprise Mobility + Security (EMS) and O365 offer comprehensive security measures and compliance dashboards that enable organizations to implement statutory, regulatory, and company-specific security requirements. The presentation gives an overview of the most important components and processes. Secure collaboration with Intune – BKW Success Story The BKW Group’s Europe-wide acquisition of several companies and the continuously increasing mobility demands made it necessary to adjust their IT infrastructure in order to encourage and ensure secure collaboration across all affiliated companies and within the BKW Group itself. Therefore, they decided to invest in a Microsoft based solution. The focus was on improving collaboration, regardless of the device types, app types, and the location. Further information you can find at https://www.keyon.ch/en/News-Medien/2018/keyon-BKW-Success-Story-Intune-V1.5.pdf

NTT Security, Franck Braunstedter, Senior Manager Cyber Defence & Cloud Security

Franck Braunstedter currently heads the cloud security & cyber defence teams at NTT Security. Previously he was head of cyber security for an international biotech company headquartered in Switzerland. Franck has 20 years IT security background and has implemented several cloud migration projects. As cloud security specialist, he focuses on compliance automation, continuous configuration and DevOps, ensuring security teams are participating as active business enablers in current IT transformation projects and not as show stoppers.

Roundtable: Make your cloud faster, cheaper and more secure with a fully automated cloud environment!

Take the pain out of your cloud configuration and compliance management and make operational headaches disappear: Automate version controls, software developments & tests, deployment pipeline, compliance audits & hardening policies. Franck Braunstedter, experienced cloud security expert, shows the balancing act between speed and security, ease and control and flexibility and limited resources in practice.

Ping Identity, Jason Goode, Regional Director

Jason Goode is a Regional Director at Ping Identity, a provider of cloud identity security solutions and is responsible for supporting sales and business development activities across the EMEA region. Jason has over 15 years sales experience in the identity security space. Prior to joining Ping Jason worked for a number of public and privately owned enterprise software companies focused on delivering world class identity and security products.

Workshop: Digital Identity Authorities - the Key to Enterprise Cloud Transformation

Managing digital identities and access control for users, applications and things remains one of the greatest challenges facing cloud computing today. This has led to a new cloud security service paradigm that requires your organization to reevaluate the criteria for designing and implementing identity and access management (IAM) services across data centers, and private and public cloud infrastructure. This new criteria addresses the continued transformation to the cloud, mobile and internet of things (IoT), and the increased demand for open business balanced by user data security found in initiatives such as GDPR, Open Banking and PSD2.

Qualys, Leif Kremkow, Director Technology

Leif Kremkow, Director Technology, Qualys has been with Qualys for over 13 years now. Committed to working with Qualys’ customers to help make the most of the Cloud Platform and its dependant services. Prior to being Director Technology, Leif worked closely with CAC40 enterprise companies as a Technical Account Manager to define custom solutions, carefully respecting corporate culture, fostering user acceptance, and documenting processes. Leif has been a speaker at various European events, such as Systems, Assises de la Sécurité, RSA Conference, InfoSec, or the CSO Interchange. A German citizen living and working in France, Leif has a Bachelor of Sciences (Hons.) in Computer Systems and Networks from the University of Plymouth in England.

Workshop (you need a tablet/notebook!): How to secure the Information System that is in the Cloud

Let’s collaborate! During this interactive workshop we’ll work out together how to secure the part of your information system that is in the Cloud. Attendees will leave this session with a consensus list of prioritized risks as well as with field- and peer-tested solutions. This presentation and workshop will be delivered via a purpose built web application that attendees will be encouraged to navigate to and use. This implies that attendees come with a web browser, either on their laptop, their tablet, or smartphone, and have an Internet connection to surf the web with. The topic is the “Cloud” – this workshop will be based on the Cloud.

  • Makro list of risk
  • How likely are the risks
  • How much damage do you associate with the risk
  • Three most important risks to address
  • Present the consolidated risks
  • Present a coverage map
  • What works and what doesn’t

Tenable, Thomas Cueni, Security Specialist

Thomas Cueni joint Tenable as a Security Specialist for Switzerland and Austria. He is a cybersecurity professional with almost fifteen years of technical experience in network and endpoint security, security operations and vulnerability management. Prior to joining Tenable he was working for FireEye and Blue Coat (now Symantec), where he was doing pre-sales for major global accounts based out of Switzerland.

Roundtable: Reducing the Cyber Exposure Gap from Cloud to Containers

Securing the modern attack surface is a critical challenge you must effectively address to reduce cyber exposure and protect your enterprise. This interactive session will cover:

  • Making the attack surface as small as possible
  • Understanding asset priority and location
  • Expanding visibility and control over assets beyond the perimeter
  • Enhancing basic security practices to accommodate more dynamic IT environments

Tufin, Pierre Visel, Regional Director Central Europe

Pierre is an IT-Security professional with over 20 years sales and management experience within this industry. He has worked in the past for Computacenter AG and Virtual Forge Inc. Additionally Pierre is acting as Trusted Advisor and strategy consultant for IT-Security Managers and CISOs. His main topics are ISMS, SOC, application + network security and leadership for high potentials.

The benefits of hybrid network infrastructures will be ruined without security automation

Many companies using or plan to use a hybrid infrastructure to get more business flexibility. But a mix of physical, virtual and cloud networks is not only very complex -it´s nearly impossible to gain the expected business flexibility and maintain at the same time security and compliance. Automation based on a central company wide security policy bridges these gap between business flexibility and maintain security within complex environments.

Zscaler, Bil Harmer, Strategist, Office of the CISO

Harmer has been in the IT industry for 30 years. He has been at the forefront of the Internet since 1995 and his work in security began in 1998. He has led security for startups, Government and well established Financial Institutions. In 2007 he pioneered the use of the SAS70 coupled with ISO to create a trusted security audit methodology used by the SaaS industry until the introduction of the SOC2. He has presented on Security and Privacy in Canada, Europe and the US at conferences such as RSA, ISSA, GrrCon and the Cloud Security Alliance. He has been interviewed by and has written for various publications such as Dark Reading, Data Informed, SecureWorld and Security Intelligence. His vision and technical abilities have been used on advisory boards for Adallom, Trust Science, ShieldX, Resolve and Integris. He has served as Chief Security Office for GoodData, VP Security & Global Privacy Officer for the Cloud Division of SAP and now serves as a Strategist for Zscaler where he runs the Office of the CISO for the Americas.

Workshop: "Protecting a network you don’t control"

For 30 years we have built our security posture on the premise that we control the corporate network. 80% of Employees use “ Shadow IT Apps, O356 usage has increase 320% and AWS have over 2 million enterprise clients. Add Mobilized users to this massive usage of Cloud based services and everything Enterprise security teams are trying to defend has left the corporate “Castle”. How do you embrace the changes and protect your company in the where the Internet is your new corporate network?

Event Partner