SIGS Special Interest Group
5th SOC Forum Swiss Romande


Target Audience: Security Operations Center Professionals
CIOs, CISOs, IT Managers, Security Officers, Security Architects and Engineers – all from the end-customer side who are interested in IT Security

From consultancies and resellers/integrators, only technical people (who are involved in the security operation processes) are allowed to take part – max. one participant per company. Vendors and people with a sales/marketing role are not authorized as participants.

If you are not on the dedicated invitation list and would like to take part in this community and receive the invitations, please fill out the application form.

CPE Credits: Earn 4 CPE (Continuing Professional Education) for attending this SIGS event. Please request a confirmation.

Location: EPFL Innovation Park, 1015 Lausanne

Date of Event: 28th of August 2018

Language: English

Participation Costs: CHF 55.–
Organization, presentations, beverages and apéro riche (almost dinner) included


1:30 – 2:00 Registration & Apéro
2:00 – 2:30 Dr. Cristian Zamfir, Co-founder and Chief Operating Officer at Cyberhaven

In-depth Analysis of Recent Data Breaches
Many of the famous security events in 2017 and 2018 were data breaches. A data breach is more than a regular security incident that compromises the integrity, confidentiality, or availability of data; it is a confirmed access by an unauthorized third party to sensitive data.

This talk will provide an overview of some of the most prominent data breaches in 2017 – 2018, broken down by industry sector. We will not only talk about these breaches; we will analyze in depth how they occurred and what the root cause was, and provide some pragmatic best-practice measures to reduce the risk of similar data breaches.

2:30 – 3:00 Farah Rigal, Head of Global Architecture and Solutioning within Cyber Security at Atos

Prescriptive Security Operation Center: how it works and is Big Data Analytics the solution to predict security threats?
Detection and neutralization time needs to be improved significantly compared to today’s solutions to face the increasing number of ever more sophisticated cyberattacks. Security analytics and automated response to predict risks and neutralize cyberattacks are part of a prescriptive SOC which continuously learns from previous threats and manages to orchestrate automated responses in real-time.

Is this the future of today’s SOC? Can the detection time really be reduced to less than a minute, versus an average of 190 days with existing solutions? Is it possible to reduce the total response and recovery time to a few minutes compared to a couple of months today?

We will show you what today’s technologies are able to deliver and how we see the future of today’s SOC.

3:00 – 3:30 Bojan Simetic, Information Security Specialist at UN/ICC (International Computing Centre)

Common Secure – Joint Cyber Threat Intelligence initiative within the UN. Benefits and lessons learned
Timely, relevant and actionable threat and incident information sharing enhances participating UN agencies’ ability to prepare for, respond to and mitigate risks associated with cyber threats.

Common Secure offers continuous and reliable information gathering and filtering, with sources at other agencies, commercial security firms, service providers, multinational law enforcement agencies and other trusted resources. Effective information security management in conditions of limited budget and severe understaffing means less money spent recovering from breaches, and moving from a reactive InfoSec program to a proactive one with collective defense support proved to be the best option.

In this session you will hear the lessons learned during the project and what benefit it brings to the UN.

3:30 – 4:15 Coffee Break
4:15 – 6:00 Christian Das Neves, Security Analyst at the Swiss Federal Department of Defence

Threat Actor profiling with better IOCs and MISP
As defenders we can benefit from creating a profile of attackers targeting our company. By keeping track of adversary techniques we can improve our responsiveness and prevent possible attacks. To get the big picture of what is going on and to detect changes in tactics, we should be able and willing to share intelligence with each other. That is where MISP comes into play.

In this talk we will see the different types of intelligence sources and how they can be used to profile a possible adversary. A few examples of how to use MISP to create, store and use intelligence for incident response work will also be shown.

6:00 – open end Apéro Riche & Networking
The speakers will be onsite for Q&A


This is a ‘must attend’ event for all security professionals! We are confident that the relationships you develop here will prove to be crucial to your continuing success.

Register here!

By registering for this event you accept that SIGS may use the data entered for its own purposes and may share it with its event partners and event sponsors of this platform. In addition, we share the contacts with the community itself.
