The whole agenda you can find here – all presentations are held in English
He is a community builder for security professionals, and has been serving as founding Chairman of the Swiss (ISC)² Chapter. He has served as Vice Chairman of the Board of certification organisation (ISC)² and as a Board member and chair of several other professional organisations.
The Great Cyber Race: Information and cyber security preparedness as seen from the front-lines of practice around the World
For over 10 years, the (ISC)² global Information Security Workforce Study has tracked trends in security management, spending and staffing to reveal corporate and society’s preparedness for the digital age. As the largest, and only work of its kind to provide a comprehensive view of opportunities and challenges as seen through the eyes of practicing professionals, the study is increasingly referenced by governments and organizations around the world.
In 2015 the study, available from April, presents a stark view of the combined impact of developing technology trends; and an increasingly sophisticated threat landscape, against a concern first raised in 2013 of a now acute skills crunch. A clear illustration of how digital development and society’s dependencies continue to outstrip the capacity to secure them, this year’s findings point to key management gaps within current practice, very real strains being felt by security teams and their organisations; and the influence all of this is having on security spending. Particular points of interest include:
Presentation in the stream of Information Security Forum (ISF)
A best practice framework for managing information risk
Effective management of information risk has never been as critical as it is today, particularly if organisations are to stay resilient while in pursuit of strategic goals. The role of cyber and information risk management is a board issue and must be given the same level of attention afforded to operational risk management and other established risk management practices today.
The insatiable appetite for speed and agility, the growing importance of the full supply chain (upstream and downstream) and the mounting dependence on diverse technologies (such as cloud computing and Bring Your Own Device (BYOD)) demand a consistent security framework and a scalable Information Security Management System, conformant with established standards.
We are presenting the ISF’s comprehensive best practice framework developed out of 25 years of best practice from a wide range of enterprises, including ISO 27002 compatible security controls, Risk Management and Benchmarking tools with an ‘out of the box’ approach for addressing a wide range of challenges – whether they be strategic, compliance-driven or process approaches.
Shira’s technological training dates back to her military service in the Israeli 8200 Elite Technology Unit of the Intelligence. In 8200, which became well-known for producing some of Israel’s top cybersecurity entrepreneurs, Shira was young sergeant overseeing two technology desks.
Shira’s professional career in Israel focused on economic research and investor relations. Upon relocating to Zurich in 2011, she served in various private banking functions at Bank Julius Baer & Co.
Upon completing her MBA thesis at the University of St. Gallen HSG in 2014, Shira launched Cyverse, a boutique consultancy based out of Zurich and Herzliya, with the vision of connecting Europe to Israel’s booming cybersecurity ecosystem.
Together with Cyverse’s Chairwoman, Ms. Anat Bar-Gera, a serial telecom entrepreneur, Cyverse has attracted to Switzerland some of Israel’s most advanced cybersecurity technologies, by tapping on Israel’s closed army and intelligence cybersecurity entrepreneurial circles.
Shira holds a B.A. from Harvard University and an MBA from the University of St. Gallen.
Israel: From Start-Up Nation to Cyber-Security Nation
In the last 4 years, Israel has seen the emergence of over 300 startups in the field of cybersecurity alone. This country of 8 million people has attracted in 2013 over 10% of the global funding in cybersecurity. In 2014, exit activity (acquisitions and IPOs) of Israeli cybersecurity startups exceeded CHF 1 billion.
How has the Israeli “startup nation” become a leading cybersecurity nation? Where do Israel’s top cybersecurity entrepreneurs come from? How does Michael Porter’s “Cluster” theory fit into this story? What are the opportunities for Swiss companies in the Israeli cybersecurity ecosystem? Shira’s lecture will touch upon all these points.
On an international level, Prof. Dr. Loomans is engaged as the ISF agent DACH of the Information Security Forum (ISF), one of the most renowned and largest associations in the area of information security. On a national level, he is professor for business informatics at the University for Applied Sciences in Mainz, Germany and provides his expertise to business associations and members of parliament of the Deutsche Bundestag. In addition to his role as a seminar speaker on information security topics, Prof. Dr. Loomans is active in the “Alliance for Cyber Security” of the BSI (German Federal Office for Information Security). Since 2014 he serves as an authorized expert for the European Commission in order to evaluate project proposals for future IT security technologies.
„Threat Horizon 2017“
The pace and scale of information security threats continues to accelerate, endangering the integrity and reputation of trusted organizations. Although cyberspace offers opportunities for leading organizations, this environment is uncertain and potentially dangerous. It is a place where hacktivists and cybercriminals are honing their skills and governments are introducing new regulation and legislation in response to major incidents and public concerns. Organizations are forced to continually adapt and rapidly respond. Those that are informed and prepared for change will go a long way to securing their future.
Threat Horizon 2017 looks ahead two years, identifying and analyzing new or emerging threats that may impact the confidentiality, integrity and availability of information. The report contains recommendations for ISF Members and references to ISF deliverables and resources that can help to address these threats.
This year’s report identifies nine compelling threats that are set out under three thought-provoking themes. These themes engage with particularly difficult cybersecurity challenges in a way that is relevant to senior business managers, information security professionals and other key organizational stakeholders. They are:
From 2007 to 2012, Adrian was CEO of SwissSign AG, a company fully owned by Swiss Post. In this role, Adrian was responsible for development, production, marketing, operations, and support of certificate-based identity and IT security solutions, including the SuisseID.
Prior to leading SwissSign AG, he was VP & CTO EMEA for identity and security solutions at Novell Europe for 5 years. Before, he was CEO of Novell Switzerland for five years.
Adrian studied management and IT at the University of St.Gallen and holds an MBA in economics an information technology from this
Swisscom AG, Roger Halbheer, Head of Group Security
Roger Halbheer is Head of Group Security at Swisscom. He is responsible for the security strategy of the overall Swisscom Group in close collaboration with the group’s companies. Roger is a trusted advisor to C-level executives in the commercial and private sectors and regularly represents Swisscom at industry events. Until 2013 Roger was Microsoft’s Worldwide Chief Security Advisor.
A Swiss national, Roger holds a Master of Computer Science degree from the Federal Institute of Technology in Zurich and is a Certified Information System Security Professional (CISSP).
Security for Tomorrow – new Approaches for a new World
The threat landscape changed significantly over the last years but what happened to our security concepts? Were we brave enough to keep up with the threat landscape? New ideas and new approaches are needed, where the employee, the human is at the center – not security or technology. Swisscom works in different areas on new concepts and new ideas and is working closely with start-ups approaching security differently.
We will show you some concepts we see relevant for the future and how we approach them.
Prior to Safend, Mr. Almer managed the encryption and endpoint DLP products within the Endpoint Security Group at Symantec. Previously he managed the memory cards product line at M-Systems prior to that company’s acquisition by Sandisk in 2006.Mr. Almer’s operational experience includes the launch of 3G services projects at Orange, Israel’s fastest growing cellular operator, resulting in 100,000 new 3G customers within a year of its launch. As the CTO of Partner Future Comm, Mr. Almer developed the product and company strategy for potential venture capital recipient companies. Mr. Almer has a B. Sc. in Electrical Engineering and an MBA.
Hybrid is Here, Security is Not
Enterprise-sanctioned cloud deployments are fast becoming a reality as companies look to expand their data centers into the cloud in order to increase business agility and reduce costs. Even the most regulated industries are beginning to consider the financial advantages of the cloud. But concerns about security and compliance are slowing them down.
In this presentation Mr. Almer will highlight some of the security challenges organizations face when migrating business applications to the public cloud, and provide some best practices to mitigate them. He will also call out the pros and cons of various security models and infrastructure options to help companies understand their risks and design and deploy an environment that best meets their needs today and in the future.
Dealing with BalaBit technologies since 2009 his goal is lead Solution Services as close to the Security market as possible eliminating the most painful problems of Enterprise customers with efficient solutions based on BalaBit’s best-of-breed portfolio.
Contextual Security Intelligence
IT security departments face a difficult challenge nowadays: the contradictory expectations of business flexibility and information security. But these do not necessarily need to contradict each other. The problem stems ‘only’ from current security practices based on control tools which are adequate against automatic attacks but cannot stop an intelligent, motivated attacker. In other words, the result of higher levels of control is more restrictions on users while letting criminals get on with their work. We can find better answers in real-life security disciplines.
According to experts in these fields, security is nothing more than the knowledge of a situation and the power to intervene. So, IT security should rely more on monitoring to be able to be business-friendly and at the same time provide real security. But more information is needed to add context, this allows intelligent security decision in future.
New CISO – surviving the first 100 days
Michael will share the experience he made during his first 100 days at Julius Bär where he started to work on January 1st, 2015. Specifically you will learn about how he survived and shaped the first 100 days, which was the storyline he developed in order to onboard senior management, what questions he asked and the waves he rode.
Endre heads the Security Engineering Lab (SEL, http://sel.bfh.ch) at the Bern University of Applied Sciences. The SEL is a group of researchers and practitioners. Its current research activities are in the field of intrusion forensics (e.g., memory forensics, malware analysis, custom security assessments).
Memory Tracing – Forensic Reverse Engineering
Memory forensics is considered to be a key technique for detecting and analyzing malware and hacking attacks. In this talk we present a novel technique in the field of memory forensics, which allows to automate certain aspects of malware analysis and reverse engineering. Given the sheer number of attacks, their sophistication and the lack of sufficiently many skilled analysis, (partial) automation of malware analsyis is crucial for dealing with attacks.
The core idea underlying our technique is to record memory dumps with a high temporal frequency (e.g., up to 100 memory dumps / second), resulting in a series of memory dumps (which we call a “memory trace”) that record system behavior. We will show how memory traces give rise to novel malware analysis and reversing techniques, and illustrate them with practical examples. We will also discuss our memory trace acquisition engine.
The technology presented originates from research conducted at the Security Engineering Lab of the Bern University of Applies Sciences. With support from partners from industry, we are currently evaluating its applicability in industry.
The Technology Radar – Envisioning the Future of IT Sets the Stage for Disruptive Change
IT has taken on a pervasive role in the world economy, fostering innovation at an incredible pace. Because of this, it is hugely important to predict where the IT industry is heading in the near and long term.
Get insights from Kah-Kin on how the Technology Radar foresees emerging technology transitions, builds visions around them, and shapes the internal and external innovation strategy.
Beside his studies, he worked as developer for AdNovum Informatik AG and afterwards as IT-Supporter for ETH Zurich. Since March 2011 Ivano Somaini is employed as Security Analyst at Compass Security. In 2013 he formed Compass Security’s branch office in Bern and has been leading it ever since.
“Social Engineering: The devil is in the details”
Information security threats to organisations have changed completely over the last decade, due to the complexity and dynamic nature of infrastructures and attacks. Successful attacks cost society billions a year, impacting vital services and the economy. New attacks cleverly exploit multiple organisational vulnerabilities, involving physical security and human behaviour. Defenders need to make rapid decisions regarding which attacks to block, as both infrastructure and attacker knowledge change rapidly.
The speaker, Ivano Somaini from Compass Security, was a member of the amateur acting group at the Cantonal School of Graubünden at Chur. With his Master in Information Security at ETH Zurich, he found the perfect way to combine those interests: Social Engineering.
This presentation will learn you more about the methodologies of a professional Social Engineer as well as the newest attack vectors available. Ivano Somaini will present you several attack scenarios he successfully executed in real companies during his four years of Social Engineering experience. All those scenarios exceeding known approaches such as e-mail phishing by far. He will explain how even the smallest and seemingly least relevant information revealed is enough to break into financial institutions and steal industrial Know-How.
The presentation will furthermore consist of some precise information on how companies can best protect themselves from these attacks based on the experiences and the knowledge of Ivano Somaini.
Prior to joining Corero, Palmer was a Distinguished Technologist and Senior Product Manager within HP Enterprise Security Products and HP Networking divisions. Within HP TippingPoint, Palmer was instrumental in developing both product and engineering strategy, and led various significant new product introduction projects in the next generation firewall, intrusion prevention and networking spaces. Palmer has also held senior roles within 3Com Corporation, Adaptec, and Digital Equipment. Palmer has a Bachelor of Science degree in Computer Science from Edinburgh University, United Kingdom.
The Growing DDoS Threat to your Business
This session reviews real world examples of DDoS attacks increasing in frequency and sophistication and the use of DDoS as a distraction for more nefarious data exfiltration purposes, based on findings from the Corero DDoS Trends and Analysis Report.
Join Corero Vice President of Engineering, Julian Palmer to discuss:
Finding malicious activity in HTTP(S) traffic with Hviz
For most companies, HTTP/HTTPS traffic is probably the most important type of traffic when looking at traffic exchanged with services in the Internet. This includes both benign traffic and traffic caused by malware or malicious insiders. HTTP and HTTPS traffic recorded at the perimeter of an organization is therefore an exhaustive data source for the forensic investigation of security incidents.
However, due to the nested nature of today’s Web page structures – a web page access triggers tens or even hundreds of HTTP requests – it is a huge manual effort to tell apart benign traffic from malicious traffic.
In this talk, we present Hviz, an interactive visualization approach to represent the event timeline of HTTP and HTTPS activities of an endpoint. Hviz facilitates incident investigation by structuring, aggregating, and correlating HTTP events between endpoints in order to reduce the number of events that are exposed to an investigator while preserving the big picture.
We briefly discuss first results obtained with using our Hviz prototype system with synthetic and real-world HTTP traces from a campus network. These results show that Hviz is able to simplify the examination of malicious activities arising from malware traffic or insider threats by structuring and significantly reducing the amount of data presented to an investigator.
This work was presented at DFRWS EU 2015 (http://www.dfrws.org/2015eu/) where it has been awarded with the Best Paper Award.
A live demonstration of Hviz is available at http://hviz.gugelmann.com/
Web fraud – attack examples and how to protect your internet online services against it
Malware and Phishing continue to be major concerns for financial, healthcare, defense, energy, and many other organizations. Statistics show that browser-based Trojans and Phishing attacks account for about 70% of web fraud in 2014 alone.
Fraudsters continue to evolve and exploit the weakest link: the end user. Historically, organization have done pretty well in protecting the data centers, implementing multi-factor authentication and protecting applications via server-side controls; however, many have failed to focus on effectively securing the end point where users interact with web applications. This has been difficult because organizations do not have control over those end-user devices.
The presentation covers examples for online services like Man-In-The-Middle, Man-In-The-Browser or other Trojan-based activities such as web injections, form hijackings, page modifications and transaction modifications and upcoming new challenges.
Information Security Policies and Compliance measurement – simplified?
Development of Information Security Policies based on ISF Standard of Good Practices Control Framework and progress/compliance measurement through their Online Benchmarking tool.
John has 18 years of international information security experience in the areas of network security, crypto & authentication, risk management, and incident response; he previously worked as deputy head of security engineering for UBS, and is a graduate of UC Berkeley and INSEAD.
Cyber-Threat Intelligence Sharing: Addressing Evolving Global Security Threats
Companies are faced with ever more sophisticated attacks and complex information security challenges. These include the growth of espionage, targeted multi-vector attacks, and sophisticated international threat actors.
This presentation will provide a high-level overview of the evolving global cybercrime landscape, and presents the development of threat intelligence sharing in the as an effective countermeasures to increasingly complex attacks.
Information sharing is not without its challenges, particularly in the heavily regulated and technologically fast-moving financial industry; combined with the often fragmented and diverse nature of Europe, this means that cooperation, coordination, and active sharing will continue to grow in importance.
Data-centric security – what is new ?
Confined and isolated IT environments don’t exist anymore. Organizations are becoming more and more distributed and it is hard – if not impossible – to clearly define IT boundaries. If to this reality we add all the volume and velocity issues that Big Data brings in, we see that infrastructure-based protection mechanisms (DLPs, firewalls, encrypted gateways, …) are not sufficient to protect the enterprise information crown jewels: sensitive information. We are convinced that data-centric information protection is the next logical step organizations should go!
In this session you will learn from Dr. Riebe what data-centric security means from a process and a technical perspective. He will share his experience made when implementing data-centric security solutions. In particular, it will be elaborated how important the identification and life-cycle classification of information is to trigger the suitable protection mechanisms like DLP or RMS functionalities.
Advances and Trends in Cryptography
Cryptography is the basis of any security system and is usually the strongest link, but can turn to be devastating weak, if used incorrectly. In order to guarantee the security, it is of utmost importance to keep track whether the link is still strong or if new insights have been discovered.
Beside the analysis of existing primitives, research is conducted to find new techniques to improve security or to apply cryptography in new and innovative ways. In this talk we will have a look on the most recent advances in the research and development of cryptography and Show how modern systems are using cryptography to solve security issues today and in the future.
At Ionic Security, Allen is responsible for the product roadmap, product delivery, and ensuring that the business stays aligned with market and customer needs.
He has ten years of cyber security experience including product management and strategic alliance roles at SecureWorks (now part of Dell) and Internet Security Systems (now part of IBM).
Allen’s educational background includes Computer Science and MBA degrees from Georgia Tech, the CISSP (Certified Information Systems Security Professional) and CCSK (Certificate of Cloud Security Knowledge) certifications, and a Green Belt in Lean/Six Sigma.
Allen is a member of the US FBI InfraGard program, and an active speaker on information security and risk management issues at industry events including the Information Systems Security Association (ISSA), Open Web Application Security Project (OWASP), and the Cloud Computing Expo. He has been interviewed by industry publications including Network World, ComputerWorld Canada, Computer Dealer News, and MSP Mentor.
Start with the Data
Change in the world of technology is rapid, with increasing demands from the business to deliver value from the innovation available in Cloud, Mobile, Collaboration and Analytics. New business models are transforming the adaptive companies in the digital economy whilst disrupting the path of the also ran’s. All this happening at a time when the balance of risk and probability has seemingly tipped towards a view that breaches and compromises are a matter of when and no longer if. Certainly IT security teams have tried to tackle this problem by layering on defenses and controls that ultimately have proven unsuccessful in stopping data theft.
Do you have to say no to the business when it comes to adopting new enabling technologies?
As your data moves beyond the traditional perimeter and current controls, are you confident that it’s protected, visible and in your control no matter where it is at rest, in use and in motion?
Gaining such confidence requires a new approach to information security to keep the data persistently safe and private while enabling the business – Start with the Data.
Time to Detect / Respond – How to achieve the next evolution level in Cyber Security
Securing your Data Across the Enterprise
Understanding that tokenization technology simplifies and significantly lowers the cost of PCI compliance is one thing; understanding how else your data security strategy can benefit from the same technology is another. Enterprise-wide tokenization is far less intrusive than encryption, as key management is greatly reduced or eliminated and the data type and length of the original data can be preserved. Tokens can be embedded with business intelligence to eliminate the need to de-tokenize sensitive data for many business processes. Applied across an entire enterprise, including BIG DATA and the Cloud, next generation tokenization enables complete protection and regulatory compliance for not only PCI data but also other sensitive data including PII and PHI.
The purpose of this session is to explain how an enterprise approach to data security allows organizations to protect data wherever it exists from acquisition to deletion to maximize security with minimal impact on day-to-day business operations while regulatory compliance is ensured.
What will attendees learn:
Secure communication technology: past, present, future
Five years ago nobody had heard about WhatsApp. Last year Facebook acquired it for $19 billion. Three years ago WhatsApp was running an insecure protocol. Since a few months it’s deploying state-of-the-art end-to-end encryption stronger than many enterprise solutions and allegedly stronger than military solutions, in terms of protocol design.
The upshot is that secure communication tools are evolving rapidly, and it’s often unclear which solution to choose, for which use case: is it voice/VoIP, messaging, email, or a combination thereof? Can it and should it be integrated in the enterprise unified communications framework? Who can intercept communications? What are the free and open-source solutions available, and what are their limitations?
After a brief review of the evolution of commercial secure communication systems, this talk will answer those questions to help you select the most appropriate systems for your business.
Goodbye passwords. Hello productivity.
The future of identity – has the post-password era begun?
To stay secure in today’s business world, organizations need to adapt to new paradigms towards new concepts for managing identities. In an era of cloud and mobile, next generation identity systems must be federated by default, support mobile and API’s, and provide us with a unified view of identity and access across a highly distributed set of systems.
This session will explore how enterprise businesses can migrate away from traditional network- and password based security to a standards-based modern Identity and Access Management model that spans all of private and public clouds, on-premise and mobile infrastructures. We’ll take a look at the relevant standards and how they allow us to move away from password-based authenticate in to a post-password era that guarantees better security whilst increasing convenience and productivity.
Security becomes Continuous
Hackers constantly probe perimeters using automated tools to exploit any vulnerabilities. We need to do the same: move from infrequent periodic audits to continuous security. We can start at the perimeter, just as hackers do and learn from each attack.
This presentation explores the techniques used and shows that security has to adapt to the attacks in the wild and be continuous and always uptodate. We will provide best practices for mitigating risks in the same way hackers perpetually attempt to breakthrough.
Collaborative Security Model
Current security deployments are composed of prevention, identification and intervention. We assume that our preventative measures have already been circumvented by our attackers and that other systems have been comprised. The challenge is being able to identify and counter attacks as quickly as possible. The collaborative security model is a framework that expands existing monitoring solutions for an open and expandable abstraction layer for security commands. The framework also establishes a standardized communication channel that enables security components to be managed centrally. Security solution providers can expand the collaborative security model with APP. We have already brought a number of providers on-board, such as Intel, Fortinet and Palo Alto Networks.
Wim has been engaged in various InfoSec community initiatives such as the co-development of the Penetration Testing Execution Standard (PTES), InfosecMentors, The Eurotrash Security Podcast and organizing the BruCON security conference.
Wim has been a featured speaker at international conferences such as Excaliburcon (China), Blackhat Europe, Source Boston, Source Barcelona, GISEC (Dubai) and SecZone (Colombia). He is a former member and 2014 Chairman of the (ISC)2 Board of Directors
Modelling systems to reduce risk
Don’t let your security programme fall behind. In a world where executives are asking more questions about security and high-profile breaches and critical vulnerabilities are reported in prime time, rigid policy frameworks and traditionally slow (but cautious) decision making are no longer sufficient. Security departments in organisations of all sizes and across all industries must ensure that business critical assets are protected, compliance and regulatory requirements are met, and rapidly changing business goals are supported. In this presentation,
Wim will cover the current state of the art for security programmes, how to work with your organisation to ensure that security becomes a business enabler and how to build a future-proof security program within an ever evolving and changing threat landscape.
Visualising Insider Activity and Uncovering Insiders Threats
Organizations have seen an upturn in security breaches from internal threats and research such as the 2014 Verizon Data Breach Investigations Report points to a continuation of this trend. Employees, contractors, and customer or partner organizations are all examples of points of origination for insider attacks. Also by 2018 we could see over 25% of corporate data traffic bypassing perimeter security and flowing directly from their mobiles devices to the cloud.
Join Colin West, EMEA Sales Engineering Director of Tenable Network Security, in this presentation where he will discuss:
The Increasing Importance of Using Data Identification and Behavioral Analytics to Tackle Insider Threats
Being able to accurately identify the sensitivity of corporate documents so that the proper controls can be enforced is a good start in addressing insider threats. Identifying potential insider threats however must go beyond just data identification. By looking at behavioral analytics, ‘normal’ user behavioral patterns can be established, and changes in behavior can serve to help guide corporate security groups to specific users who might be deemed a ‘threat’.
As insiders become more and more sophisticated in their attempts to breach sensitive information, the technology used to thwart their attempts must be able to keep up. Data that is generated through policy execution and enforcement will play an even more critical role in the success of behavioral analytics solutions. Additionally, behavioral analytics can feed into an organizational threat index, which can be an effective way to monitor risky behaviour and suspect employees.
In this session, Tim Upton, Founder and CEO of TITUS, will give you an outlook of the challenges and strategies that organizations will have in order to effectively manage insider threats, starting with protecting the data itself, and making all employees part of the organization’s data security framework.
Before that, he also served as Product Marketing Manager and as Channel Development Manager at Trend Micro.Udo looks back on many years of experience he has gained at leading vendors within the IT security market: Amongst others, in his five years’ stay at Check Point Technologies he worked as Systems Engineer, as Senior Consultant, as Security Analyst, and as trainer. At Perimetrix Systems, he was Technical Director.
Modern Datacenters – “Face the challenges with Security”
Many Enterprises plan to modernize their datacenters. New Technologies in virtualization offer interesting options. Else the move to the cloud, private or public is discussed. Next to the existing security concepts these new options also create new challenges. Additionally further compliance requirements and regulations are created by certain industries and governments as well. With all this it’s easy to lose the overview.
To help companies avoiding this, the speech discusses the different challenges enterprises face with solutions from e.g. AWS, Azure or SAP and helps preparing the security for the modern datacenter.
Prior to joining Tufin, Mark held leading positions at Check Point Software for nine years, including director of strategic accounts and global sales training. Mark also previously served in key technical roles at IBM Israel and Byford Computer Services in the UK. He holds a degree in Technology and Business Studies from the University of Strathclyde in Scotland.
Microsegmentation vs. legacy concepts – the future of policy orchestration
Companies are faced with challenging times. The traditional legacy networks evolved during the last years to virtualization and cloud concepts accompanied by technical hypes like BYOD, big data and “internet of things”. The opportunities of these developments are high – if the companies can realize the right mix between flexibility and control. Especially the security and compliance officers begin to struggle with these complex and heterogeneous environments – together with “silo-thinking” of the different administrators / business owners of independent physical network, virtualization (SDDC), Cloud and application environments.
How it´s possible to realize a general security policy within these diversified environments without huge personal efforts, bypass individual department managers and manual customization? The vision of Tufin is to help companies Within this challenging times, would be automatization, clear definition of cross-departmental workflows and integration of new concepts like multi-tendency and application oriented views a possible solution?
The CEO gets it, now you have to deliver…
Cyber will no longer be a buzzword confined to tech savvy people. Developments in cyberspace and related disasters are already in the news are talked about within the boardroom and reported in some organisations’ annual reports. By 2016, the CEO will understand cyber risk and expect the CISO to manage it, while delivering the value so long promised. The CISO needs to mature the security function to be able to satisfy the CEO’s questions, particularly: “are we ready?” and “are we secure?”. In this talk, Stephan will give you some insights and tips, and shows you possible ways to master this challenge.
Humans as security vulnerability! Malicious insider threat as a crucial corporate risk factor
Current studies show that malicious insider threat is an increasing crucial issue for enterprises. Based on the dependence on ICT, new attack forms, collaboration with third parties and others, malicious insiders can cause enormous harm to an organization.
The talk will focus on the current state of insider threat and on motivational and behavioural aspects of malicious insiders. Furthermore, some starting points for organizational insider threat prevention management will be presented.
Kevin has successfully deployed authentication and encryption solutions for the world’s most demanding financial institutions, telcos, and government agencies. His early success securing critical systems included designing and engineering cutting-edge Java and smart card–based encryption and PKI applications for the U.S. government.
Kevin has authored several books, including PCI Cardholder Data Protection for Dummies and Laptop Encryption for Dummies and co-authored research projects with The Ponemon Institute including the Cost of Data Breach, Cost of Failed Trust, and Worldwide Encryption Trends reports.
Mr. Bocek has a B.S. in chemistry from the College of William & Mary and an MBA from Wake Forest University.
Securing our future: Lessons from the human immune system
All signs point to a future world of more complex, harder to detect threats. Capabilities of attackers are constantly evolving. For example, Intel predicts the next big hacker marketplace to be in the sale of digital certificates – these are already going for €1000 each on the black market. Bad guys are gaining trusted status and hiding for longer, and their evolution is accelerating. Gartner expects 50% of network attacks to use SSL/TLS in less than 2 years – more attackers looking trusted, hiding in encryption. Our adversaries are exploiting what seems to be our strengths.
What’s to do? The human immune system has evolved to defend and destroy complex and oftentimes overwhelming attacks. What can we learn from it? How can we create a future that’s more resistant as we use more software, more clouds, more apps, and more connected devices. This session will explore lessons from the human immune system, changes in the threatscape, and how our IT security strategies can evolve.
Neil is a member of the ENISA Threat Landscape stakeholder group where he contributes to the EU agency program alongside CERTs to position the threat landscape, offer mitigation advice and threat analysis innovation. Neil is also co-founder of the Security Advisor Alliance, a not-for-profit organisation formed to help security leaders in their role and offer free advice and tools to move towards improved risk and data-centric strategies.
Data protection – own your asset before your adversary
With cyber threat now a top concern for most CEOs, this session will focus on the value of adopting a risk-based, data-centric security strategy that aligns with corporate objectives. The combination will form a compelling case for all organisations to reassess the basic infrastructure and compliance-only security programmes that exist today.
This session will help bring you up to speed on the latest threat intel and cover the tactics and techniques today’s sophisticated adversary uses including:
He is a community builder for security professionals, and has been serving as founding Chairman of the Swiss (ISC)² Chapter. He has served as Vice Chairman of the Board of certification organisation (ISC)² and as a Board member and chair of several other professional organisations.
At present, Ronny Fischer is a Head of BT Security Switzerland in Wallisellen. Previously he served as Senior Security Consultant in BT and before as Security and Network Forensics Consultant for Computer Associates Switzerland and as an IT Security Specialist at Omicron and Comicro Netsys AG.
Wüest holds a master of computer science from the Swiss Federal Institute of Technology (ETH) and various certifications. He has published various whitepapers and has been featured as a security expert in various media. He is also a frequent speaker at security-related conferences including Area41, BlackHat and RSA. He learned coding and the English language on a Commodore 64.