SIGS Special Interest Group – 10th SOC Forum

Save the DateKlick for the .ics file to save the date

Target Audience Security Operations Center Professionals
CIO’s, CISO, IT Manager, Security Officer, Security Architects and Engineers – all from end customer side who are interested in IT Security

From Consultancies and Resellers/ Integrators are only technical peoples (which are involved in the Security Operation Processes) allowed to take part – max. one participant per company. Vendors and people with a Sales/Marketing role are not authorized as participants.

If you are not on the dedicated invitation list and you like to take part in this community and get the invitations, please fill out the application form.

CPE Credits Earn 4 CPE (Continuing Professional Education) for attending this SIGS event. Please request a confirmation.
Location Hewlett Packard Enterprise
Überlandstrasse 1
8600 Dübendorf

There are a lot of free park places available.
Train: railway station Stettbach

Date of Event 31st of August 2017
Further planned dates: 23rd of November 2017
Language English
Participation Costs This time for free – sponsored by HPE
Organization, presentations, beverages and dinner included



1:30 – 2:00 pm Registration & Coffee
2:00 – 2:30 pm Andreas Wuchner, CTO Security Innovation at DXC Technology

Andreas Wuchner is an experienced and recognized senior executive leader with extensive international general management experience of global diversified businesses and a proven track record. He has held positions in Switzerland, Germany and the United Kingdom.

Andreas served as General Manager (CIO), Head Information Security, Head IT Security, Head of Security Operations, Head IT Risk Control and Head IT Risk Management (CISO) for several large scale and international organizations.

With more than 20 years of experience and knowledge in all aspects of Information Security, IT-Security & Information Risk management, Andreas supports HP clients all over the world. His focus areas are within highly regulated environments and their especial life science and financial services.

Before joining HP, Andreas was the CIO Security Technology and a managing director for UBS in Switzerland. In this global role he provided all security solutions around access management, vulnerability management, threat management, logging & monitoring as well as security operation and SOC to the bank.

Securing the Digital Transformation
The presentation will focus after the introduction and welcome on the cyber security requirements of today’s digital enterprise. It will illustrate the areas of security concerns from the past, today and the upcoming future and it will initiate the thinking of how security logging & monitoring can be used to make this a safer digital future.

2:30 – 3:00 pm Rafael Villoria Ferrer, Head of Security Operations Centre at Nestlé

Staffing SOC in a Time of Global Skill Shortage
About success with outsourcing selected SOC functions

Touching on tough questions like:

  • Which functions to retain in house, which ones to out-source
  • How to maintain data privacy
  • Who is the right service provider for me
  • How to define & measure SLA’s with the service provider
  • How to optimize an integrated service delivery
  • What to look for in a SIEM tool to facilitate out-sourcing

3:00 – 3:30 pm Bruno Blumenthal, Vice President Information Security at RUAG Corporate Services AG

Learning it the hard Way
We all know it, cyber incident happens and it is just a matter of time when it hits you. In 2016 we at RUAG had to deal with a major cyber incident. It was a sophisticated attacker, one of those you will likely never be able to keep completely out of your systems.

But could we still have done better, even against such a perpetrator? Could we have made it harder for the attacker and should we have detected him earlier?

In this talk I will give some insights into the technics the attacker used and how we are changing our way of running our IT to address those attack methods.

3:30 – 4:15 pm Break
4:15 – 6:00 pm Breakout Sessions (interactive sessions/talks)

Technical Breakout Session

by Rin Ure, Managing Lead & Jeff Allen McGee, Engineer from Hunt Ops Research and Development, Software Enterprise Security Products at Hewlett Packard Enterprise – from the USA

Interactive Hunting Workshop
Join us on an interactive hunt, where you are the active Defender! This Workshop session will show you the importance of incorporating a human defender (you!!) with the skills and technology to proactively navigate through your companies hosts and network armed with indicator knowledge to formulate and execute correct Hunting Hypothesis and Methodologies.

Using our Hunt Methodologies you will learn a proactive approach to preemptively counter unknown threats. We will address why it is critically important to have a dedicated resource that studies the adversary and develops indicator based hypotheses, while leveraging tools, techniques and procedures to counter the adversary. Essentially, our session show cases how to hunt using these methodologies along with proprietary and open source technologies, giving you, the active defender, a fighting edge against an active attacker!

Strategic Breakout Session

by James Blake, Global Strategist, Cyber Defence Consulting at Hewlett Packard Enterprise

James Blake has over two decades of operational information security experience and is the Global Strategist for HPE Cyber Defense Consulting. Prior to HPE, he was the Global Director of Cyber Security Operations Integration for JPMorgan & Chase, where he established the operational framework for big data analytics, hunt team, threat intelligence and SOC for the bank’s entire global operations.

James is the former Chief Information Security Officer for one of Europe’s largest cloud vendors who specialize in unstructured big data management. He also acted as the head of monitoring and incident response for a large national telecommunications provider. James was one of the founders of the Security BSides London conference and is the South West Regional Chair for the UKCERT Cyber information Sharing Partnership (CiSP).

CISO Strategy; Overcoming the Biggest Challenges in Achieving Cyber Security Operations Centre Excellence
Members of the HPE Security Intelligence & Operations Consulting (SIOC) practice will lead a workshop to gather details of top challenges that the delegates have experienced, or anticipate, and then facilitate a discussion on best-practice around these topics.

This is an opportunity to learn new approaches from not only your peer delegates, but also from members of the SIOC practice who have experience in building the end-to-end Cyber Security Operations Centre capability for over 75 customers, including dozens of FORTUNE/FTSE 100 organizations, as well as assisting nearly 200 other SOCs improve their capability.

This session typically covers topics such as demonstrating business value of a Cyber Security Operations Centre; how to recruit, train and retain staff; how to integration threat intelligence into cyber security operations; leverage correlation, hunt and analytics to maximum detection; and how to effectively and efficiently investigate incidents. During the sessions, each delegate will build a staged action plan to move towards Cyber Security Operations Centre Excellence.

6:00 – open end Barbecue & Networking (so reserve as well the evening!)
The speakers will be onsite for Q&A

The Sponsor of this event is:

This is a ‘must attend’ event for all Security Operation Professional! We are confident that the relationships you develop here will prove to be crucial to your continuing success.

So don’t wait and register or send us the application form by email

With the registration for this event you accept, that SIGS may use the data entered for its own purposes and may share it with its event partners and event sponsors of this platform.

Mobile Menu