All presentations are held in English
Security in an Academic Environment: The Balance between Academic Freedom, Operations & Computer Security
Like any other entity, the European Organization for Nuclear Research (CERN) is daily targeted by the malicious cyber-evil. Protection is difficult as CERN staff and users value high their academic freedom important to prosper and for pursuing their research. Hence, any cyber-security approach needs to find the appropriate balance between this academic freedom, the operation of accelerators & physics experiments, and the protection of all digital assets.
This presentation will outline such an approach, discuss attack scenarios and problems, and present CERN’s solution for countering cyber-attacks.
The frontiers of cybersecurity; how to prepare
In this presentation, you will see a case study around preparing for the cybersecurity issues of tomorrow. We will get specific about research currently underway in the realm of supply chain security, lightweight security and cryptography for IoT environments as well as quantum resistant cryptography.
We will expand the conversation to the practicalities of executing and nurturing futuristic ideas, discussing best practices for working across government and academia. The presentation should provide some new ideas to the audience to help inform their own future cybersecurity initiatives.
The Role of Orchestration in Incident Response
Faced with an avalanche of alerts, insufficient staffing, and a bewildering regulatory environment it’s no wonder that most companies struggle to respond effectively to cyberattacks. Successfully resolving attacks requires fast, intelligent, and decisive action – organisations need to have an orchestrated plan in place before an attack occurs. The best organisations leverage an orchestrated response capability to achieve cyber resilience.
In this keynote, IBM Resilient’s Ted Julian, Co-Founder and VP of Product Management will explore the latest incident response methodology and technology. Can automation really save the day? Or are the naysayers correct that the automation cure is worse than the disease itself? From instant escalation, to automatic enrichment, to guided mitigation, Ted will explore the latest incident response techniques and share what works and what doesn’t.
Tactical Defence: Principles and Observations
Have you ever had to justify a firewall? What do you do when you don’t have one? Over the past six years we have been exploring non-traditional tools, and through them defining security principles to help defend our large open network. These principles have helped us focus our efforts, educate our population, and even guide some of our purchasing decisions.
In this presentation, I will talk about some of these principles, the observations that lead us to them, and the some of the outcomes of trying to implement them. Spoiler alert: They work very very well, even along side traditional security thinking.
Change is Merely an Act of Survival
This presentation will review the history and development of the corporate network and its interaction with the Internet. How the adoption of SaaS and PaaS base solutions have rendered the network irrelevant from a security perspective. We will explore the developments in malware, how threat actors have taken on a business approach to creation, distribution, and management of their attack campaigns.
We will then take a few steps into the future and explore some possibilities that have the potential to greatly affect corporations and how they protect themselves. Finally we will explore some of the potential strategies that can be started now to lay time ground work to ensure a more secure architecture in the future.
Build a secured system from day one with proper architectural planning, governance and change managemente
Social engineering is nothing new! The solution is simple
With the majority of threats originating from email attachments and internet downloads, users pose a huge threat to the organization. Starting with user behaviour, we look at what lessons can be learnt when it comes to security and how to put proactive measures in place that protect your data, even if users are clicking on untrusted links and opening malicious email attachments.We will take you through a simple, smart approach to security that stops internal and external attacks before it’s too late.
How Context is Key in Preventing Data Breaches
If we want to find out why a breach happened, or assess the damage, we have plenty of time to trawl through logs, look at session recordings, and so on. But if we want to prevent a breach, we have to react with lightning speed.
So what is it that can enable us to react fast enough? In an ideal world computers can make these decisions, but in reality this is usually a combination of some artificial and some human intelligence.At the end of the day, the critical ingredient for both computers and humans is context. Without it, there is too much data, and too much irrelevant data, to make accurate and rapid decision making possible. In this presentation you will learn how can you use contextual information collected by various security solutions to reduce the chance of data breaches.
Simplifying vendor risk management through continuous risk monitoring
With this presentation you will learn about the so called “Third Party Cyber Risk”, which is also known as “Supply Chain Cyber Risk” and “Supplier and Customer Cyber Risk”.
We will demonstrate what this concept means, which threats are coming from the “Cyber Risk”, and how organisations can manage and control the “Third Party Cyber Risk” effectively.
Immunity – once and for all
Client devices are the most critical link in your protection chain. Whilst using state-of-the-art security technologies on the perimeter, most enterprises still aim to protect their users with legacy Antivirus on their PCs. The problem is that they all rely on detection thus will only protect you from what they already know is bad – comparable to the human immune system! And what do we do to no longer get sick? Staying home? Getting vaccinated? Wearing a protective suit?
These are all valid options but they obviously have different implications on your daily business – but what if there was a way to immunize your body or system in a way that does not at all affect you and your work? Such as “click on anything” without risk of a compromise? See and listen to an unparalleled approach that has changed the security model of many enterprises already.
Michael is a lecturer at the University of Applied Sciences in Graz and he is also well known as a speaker at various national and international seminars about Data Privacy & Security issues, Anti-Corruption awareness programs and Anti Money Laundering methods in the gaming industry. He is also an expert in the field of compliance certification standards.
He is a dedicated member of the Compliance Officer Association Austria, a founding member of the Austrian association of Privacy Officers and also an active member of the International Association of Privacy Professionals and the Association of Certified Anti-Money Laundering Specialists.
Thoughts on the meaningful use of compliance management systems
In his short presentation Michael Mrak will introduce the integrated compliance management system of Casinos Austria & Austrian Lotteries. Everything will be explained from the perspective of a practitioner.
It all starts with the need of finding a definition what compliance means for your organization and what issues have to be covered. In his speech Michael will explain the effect of rules based vs. risks based systems in an organization and how both approaches can benefit from each other. It will also cover the question if compliance can be an innovation driver and how to get over internal resistance if it comes to the implementation of a management system. Michael will also explain the five basic elements of every compliance system and how to find internal allies to implement a working CMS.
SAST is a MUST – Software Security & Early Prevention of Vulnerable Code
Every security conscious technology professional is looking for the quick fix – the one thing they can do to flick the switch from “insecure” to “secure” and certainly there are many organisations out there ready to sell “security in a box” to whomever will pay for it.
But the single biggest bang for your buck and the most effective means of securing software is identifying and fixing vulnerable code as early in the development lifecycle as possible. Ideally this means not writing vulnerable code in the first place, or if does happen, fixing it during the development phase before rectification starts getting expensive.
In our talk, we’ll take you through some of the fundamental principles behind ingraining software security into the development life cycle:
Security demands Endurance
Today’s hackers are–and will continue to be–persistent. Even the most sophisticated hacking operations can be compared to a house of cards: find one or just a few components of the hack and, over time, the entire operation can collapse.
The house of cards approach to security requires moving away from the traditional IT mindset that encourages analysts to quickly close incidents. Instead, it calls for an investigative mentality with every incident considered a potential piece of a larger puzzle. In this session, Richard will discuss this new approach to endpoint security that shifts the odds in favor of the defenders.
Modern deception techniques in the age of failing prevention
The vast majority of organizations, which have dealt with professional hacking attacks in the past, know that these kind of adversaries are hard to get rid of.Once you kick them out, they find new loopholes to re-enter the organization, targeting the crown jewels every time. If you play this game long enough you will realize at a certain point in time that neither a strong perimeter security nor conventional IT security will be sufficient to conquer this battle.
The challenge we are facing in SOCs nowadays is to reduce the time to detect those adversaries and to get valuable threat intelligence to increase the resilience of security infrastructure.
Self-learning cyber defence through machine learning
Prior to this, Gilles held a number of EMEA and Asia Pacific positions with Peribit Networks (successful US startup), U.S. Robotics and 3Com.
Quantum-Safe Security – How the threat of the quantum computer compels us to revise our security strategies
It is now well understood that a quantum computer, i.e. a computer which carries out its calculations by manipulating quantum objects known as qubits, offers tremendous computation power and enables to solve otherwise intractable problems.
In particular, quantum computers will break all existing public key cryptographic systems, and render our cyber security infrastructure obsolete overnight.
However, until recently, manufacturing a quantum computer, in essence a controllable macroscopic quantum object, was seen as mere science fiction, something which might become possible in the faraway future only.
Recent progress in this field, led by government and academia, but also by major companies like Google, Microsoft, IBM and also start-ups like D-Wave, have totally altered this perception.
It is now considered that a general-purpose quantum computer could be available within five to ten years. The cyber security community has to integrate this new risk into its strategy.
The aim of this session is to provide the audience with current progress in the field of Quantum-Safe Security. We will explain how to assess the risk to your security infrastructure, and suggest implementable solutions.
Bridging the gap between Cybersecurity & the Business
More than ever before, the field of cybersecurity is faced with greater challenges. Whether we like it or not, we are losing ground in terms of involvement in the projects while on the other hand, cybersecurity is of greater concerns to the top executive of the enterprises. The digital transformation that most modern organization are going through puts back the power of developing new opportunities, using technology, in the hands of the business people that are not as security cautious as we would like.
Without a common language and steering practices, Cybersecurity specialists are relayed to an after the fact audit role and still seen as technical specialist. Come see this presentation to discover the Secure Blueprint, an approach we have developed to bridge that gap and to win back a seat at the table.
Disrupting the kill chain
For an efficient cyber security program it’s important to understand the kill chain. We explain the techniques used by attackers and what typically happens after the first system is compromised.Additionally we discuss opportunities to break that attack playbook and why you should protect your privileged credentials.
Managing cyber risks across a global organization
Our approach to managing our cybersecurity risks through certified Information Security Management System (ISMS) implementations and the endorsement of top management. Our journey in building awareness and risk management capabilities to manage cybersecurity risks from the bottom up whilst in parallel getting focus and support from the top of the organization.
Abracadabra! Transforming your internal users − your most vulnerable security link − into your greatest guardians
90% of security incidents are caused by insiders, according to the Verizon DBIR Report. How can you gain true visibility and control over who has access to your sensitive data? Security controls and methodologies have traditionally focused on a reactive approach to reducing risk. Now that we better understand the real threat of internal users- whether through negligence, lack of awareness, or harmful intent, it’s time to shift gears towards a more proactive approach to preventing breaches and risk.Join us to learn how to:
Ms. Cosgrove holds a Masters of Research, Telecommunications from UCL (University College London).
Fighting the next generation of targetted Business Email Compromise attacks
Today’s advanced attacks focus more on exploiting human flaws than system flaws. Business Email Compromise (BEC) attacks that impersonate executives and business partners to trick your employees are the biggest cyber threat to organisations today. But what may surprise you is that the vast majority of BEC attacks are preventable.
Learn about the current BEC trends and attack methods, and how your organisation can identify and block these attacks before they reach the inbox.
Hallmarks of a Successful Vulnerability Management Program
Leif Kremkow will review some fundamental principles of a how our customers built vulnerability management programs that were successful in their enterprises. Correctly identify the basic needs of your vulnerability management program and ensure that you don’t fall below the relevance poverty line. Anecdotes and examples drawn from existing deployments will illustrate how different answers to common problems of supplying food, shelter, and clothing to your vulnerability management program can lead to success.
Transforming a Cyber Defence Center into a Value Proposition
Nowadays, continuous and comprehensive Cyber risk detection represents an imperative for each and every organization. But how can you create a value proposition from establishing a Cyber Defense Center, the entity typically responsible for providing the overall IT risk management landscape? What needs to be done to create a transformation from raw security events into a process-driven Cyber risk management process, including linking single security events to business process risks?
We will show you how you can focus on risk remediation and mitigation, but not on the mammoth-task of risk analysis and evaluation by integrating technology, experts and processes. You will learn how you can reduce detection complexity, creating risk transparency and enabling focus on remediation priorities.
Lying to know the truth
Attackers commonly use deception techniques to infiltrate and breach networks. Lying to Know the Truth shows you how deception isn’t just for attackers, it can help you detect nefarious activity early in the attack chain.Join us as we discuss:
The anatomy of a data breach
At the core of a successful data security strategy, is having an understanding of how data breaches occur, breaking these down into phases, and applying measures to address causes at their root. Do you ever imagine putting in place a network of sensors, protecting your sensitive data, detecting unwarranted behavior and remediating?
At SkyPro, we have developed a strong understanding about how data breaches occur and have established methodologies of people, processes and technologies as to how organizations can address the root causes of data breaches in a sustainable way.
The key to security is in the Hardware — Why we need to use secure Hardware in our ICT Systems
Attacks on digital information of all kinds (such as corporate data, measured values or control commands) have been fact of life in the networked and mobile age since the early years of the Internet. The software industry has been trying hard to close security gaps and keep malicious software away from the IT systems.
With the consistent implementation of zone concepts (firewalling) and security mechanisms (authentication and encryption), a high protection level is achieved in principle. However, the largest vulnerability is at the interface where unprotected data is encrypted or decrypted using cryptographic keys, or legitimate system users are authenticated. Software alone does not prevent attacks on this interface. Secure and trusted hardware must be used.
This presentation shows why standard hardware is not sufficient at this interface and how dedicated hardware must be built to ensure the security of IT networks — whether the user is a human being, a machine, or a sensor.
Overview of the current chaotic threat models in use by various malicious groups, and the challenges in demonstrating appropriate levels of security for a given risk at a reasonable cost. An insight at the uses of machine learning to detect and respond to different threat actors.
Break the silos between Security and IT Operations
Security and IT Operations use on a daily basis more and more sophisticated solutions to protect their assets and detect a potential breach. We hear more and more about Machine Learning and Artificial Intelligence, but in terms of Incident Response, organizations still rely on manual processes that do their best to link together siloed teams in order to respond fast.
Listen to Myke Lyons to learn how Security can better collaborate with IT Operations to resolve real threats faster using structured and automated response processes to prioritize and resolve incidents based on business impact.
Best Practices for Scoping Infections and Disrupting Breaches
Infection and exploits will occur. The new goal is to prevent those infections from becoming a data breach. To do this successfully, security analysts need the ability to continuously collect, analyze, correlate and investigate a diverse set of data.Listen to this session to hear Alain Gutknecht discuss the specific data sources and capabilities required to determine the scope of an infection before it turns into a breach. See a live incident investigation that demonstrates this approach.
In this session, you will learn:
Security Audits – How secure is your IT landscape?
You have already meticulously introduced security concepts (ITIL, ISO, Cobit) under tremendous cost and are surprised that you are still being successfully attacked? Then it is time for a technical security audit in which configuration errors and technical weaknesses from the optics of the attacker are systematically and relentlessly detected in your IT systems.
Security expert Markus Martinides shows in the seminar how to audit all critical system areas during an audit. Based on many practical examples, the lecturer shows how an audit is designed, the costs involved and how the results are implemented.
Using AI to catch in-progress cyber attacks
Cyber attackers operate undetected for an average of 146 days but obtain admin credentials in less than 3, and 53% of attacks are only discovered after notification from an external party. The complexity and velocity of attacks is increasing whilst traditional security capabilities become overwhelmed. Detecting active attacks, reducing dwell time and accelerating incident response is a top priority.
In this session, you will learn how different artificial intelligence techniques can be combined to automate the detection of in-progress cyber-attacks within your network. We’ll explain how automated threat hunting can even handle encrypted traffic, whilst still maintaining the privacy of your users. Then we’ll share a case study of a real attack detected using this AI approach.
We’ll close by demonstrating how to integrate such a capability into your existing security technology stack to force multiply your security response capability, and close your cyber detection gap.
Secure Mobile Communication – The Future of Mobile Productivity
New ways of secure mobile communication and secure data exchange are getting more and more on the radar of CSOs, CFOs and CTOs. Employees are looking for a convenient way to work anywhere from corporate device or BYOD.New simplified mobility services overcome traditional MDM challenges. This presentation will show you new ideas on how to simplify enterprise mobility while delivering a solution that has high user acceptance and fits your enterprises mobile strategy.
Workshop: Best practice approaches to information security with limited financial resources and few business requirements
This workshop aims to discuss and exchange information security considerations within companies, especially those acting in the industry sector, with limited financial resources and few business requirements to implement an appropriate information security concept. The following topics shall be discussed in particular:
WEIDMANN ELECTRICAL TECHNOLOGY AG, a member of the WICOR group and a global manufacturer of electrical insulation solutions, will briefly present their current situation and would then like to start an open discussion with the audience. Other companies are free to present their situation as well.