SIGS Technology Conference – Security Day Speakers 2017
All presentations are held in English
|CERN, Stefan Lüders, Head of Computer Security
Stefan Lüders, PhD, graduated from the Swiss Federal Institute of Technology in Zurich and joined CERN in 2002. Since 2009, he is heading the CERN Computer Security Incident Response Team as CERN’s Computer Security Officer with the mandate to coordinate all aspects of CERN’s computer security — office computing security, computer centre security, GRID computing security and control system security — whilst taking into account CERN’s operational needs.
Dr. Lüders has presented on computer security and control system cyber-security topics at many different occasions to international bodies, governments, and companies, and published several articles.
Security in an Academic Environment: The Balance between Academic Freedom, Operations & Computer Security
|Cisco, Story Tweedie-Yates, Head of Security Business Unit – EMEAR
Story is a Product Manager for the Cisco Security portfolio in the Security Business Group. In her role, she is responsible for introducing customers to Cisco’s large portfolio of security offerings, applying these offerings to verticals, market segments and the local relevant EMEAR context. She serves as a Subject Matter Expert and thought leader on Cisco Security, creating content and presentations about how Security enables digitization and innovation. Recently she has served as the Product lead for Cisco Web Security, bringing new Cloud and CASB capabilities to market for Cisco customers while pioneering a popular webinar series.
Story is a Stanford graduate with a BS in Psychology. She also has an MBA from Thunderbird School of Global Management, speaks fluent Spanish and has done business in over 40 countries. In her time off, you will find her on a bike riding around Amsterdam or exploring underwater treasures with a scuba mask alongside her husband.
The frontiers of cybersecurity; how to prepare
|IBM Resilient, Ted Julian, VP Product Management & Co-Founder
Ted is a well-known, highly regarded figure in the security and compliance markets. Over the last 12 years, he has conceived and launched multiple successful security start-ups across software, hardware, and professional services. He served as the founding VP of Marketing at Application Security, the leading provider of database security solutions. Prior to Application Security, Ted was a company founder and Chief Strategist (functionally the VP of Marketing) at Arbor Networks (acquired by Danaher), a leading network security firm whose technology protects the backbone networks of virtually every provider around the globe. Prior to Arbor, Julian was a company founder and VP of Marketing at @stake, the premier digital security consulting firm (acquired by Symantec). He got his start in high tech as an industry analyst at International Data Corporation (IDC) and Forrester Research.
Julian is a sought-after industry expert who has appeared on CNN and ABC News as well as in the Wall Street Journal and USA Today. He is proud to have been named “Geek of the Week” by The Boston Globe and to be a guest lecturer at Cornell University’s Johnson School. Ted serves on the board of his town’s recreation department and is an avid runner. He holds a Bachelor of Science degree from Cornell University.
The Role of Orchestration in Incident Response
In this keynote, IBM Resilient’s Ted Julian, Co-Founder and VP of Product Management will explore the latest incident response methodology and technology. Can automation really save the day? Or are the naysayers correct that the automation cure is worse than the disease itself? From instant escalation, to automatic enrichment, to guided mitigation, Ted will explore the latest incident response techniques and share what works and what doesn’t.
|University of Toronto, Allan Stojanovic, Information Security Architect
Allan Stojanovic has survived IT for over 20 years. He has worked in nearly every vertical doing may different roles, mostly in the Information Security field. A jack of all trades, he tries to know a little bit about everything, and is a self proclaimed expert at nothing. The University of Toronto has been kind enough to employ him for the last 6 years.
You can find a first impression at YouTube
Tactical Defence: Principles and Observations
In this presentation, I will talk about some of these principles, the observations that lead us to them, and the some of the outcomes of trying to implement them. Spoiler alert: They work very very well, even along side traditional security thinking.
|Zscaler, Bil Harmer, Strategist, Office of the CISO
Harmer has been in the IT industry for 30 years. He has been at the forefront of the Internet since 1995 and his work in security began in 1998. He has led security for startups, Government and well established Financial Institutions. In 2007 he pioneered the use of the SAS70 coupled with ISO to create a trusted security audit methodology used by the SaaS industry until the introduction of the SOC2.
He has presented on Security and Privacy in Canada, Europe and the US at conferences such as RSA, ISSA, GrrCon and the Cloud Security Alliance. He has been interviewed by and has written for various publications such as Dark Reading, Data Informed, SecureWorld and Security Intelligence. His vision and technical abilities have been used on advisory boards for Adallom, Trust Science, ShieldX, Resolve and Integris. He has served as Chief Security Office for GoodData, VP Security & Global Privacy Officer for the Cloud Division of SAP and now serves as a Strategist for Zscaler where he runs the Office of the CISO for the Americas.
Change is Merely an Act of Survival
We will then take a few steps into the future and explore some possibilities that have the potential to greatly affect corporations and how they protect themselves. Finally we will explore some of the potential strategies that can be started now to lay time ground work to ensure a more secure architecture in the future.
Professional & Sponsor Presentations
|Acer, Howard Cheung, CIO
Howard has been in the IT industry for 30 years serving companies in the U.S. and Europe. Howard has spent 16 years with Acer Europe as Chief Information Officer and seven years as Software Development Manager with Radiant System/NCR managing international software development for the Retail Industry.
Howard holds Master of Business Information System degree from Georgia State University in Atlanta, Georgia, USA.
Build a secured system from day one with proper architectural planning, governance and change managemente
|Avecto, Dennis Weyel, Senior Technology Consultant
Dennis is a Senior Technology Consultant at Avecto. In his role, Dennis helps global organisations get the most out of their security software, helping them build stronger, better performing security environments. With over 17 years’ experience in the security and software industry, Dennis has a wealth of technical knowledge and insight working closely with CISOs and CIOs.
Social engineering is nothing new! The solution is simple
We will take you through a simple, smart approach to security that stops internal and external attacks before it’s too late.
|Balabit, Martin Grauel, Pre-Sales Manager EMEA
Martin Grauel is Pre-Sales Manager EMEA at Balabit, a leading provider of contextual security technologies with the mission of preventing data breaches without constraining business. Prior to the current role, he was working as a Pre-Sales Engineer at Balabit for the German, Austrian and Swiss region.
After studying business informatics, Martin has been working in the IT security industry for more than 15 years. Prior to Balabit, he was a consultant for a German information security service provider.
How Context is Key in Preventing Data Breaches
At the end of the day, the critical ingredient for both computers and humans is context. Without it, there is too much data, and too much irrelevant data, to make accurate and rapid decision making possible. In this presentation you will learn how can you use contextual information collected by various security solutions to reduce the chance of data breaches.
|BitSight Technologies, Frank Weisel
Frank Weisel works in IT-Security since the early 90s with Companies like McAfee, Trend Micro, Fortinet and now Bitsight. He is well known for establishing new innovative companies in the European market.
Frank has a degree in technical physics and work several years at the TU Munich programming mathematical simulations.
Simplifying vendor risk management through continuous risk monitoring
We will demonstrate what this concept means, which threats are coming from the “Cyber Risk”, and how organisations can manage and control the “Third Party Cyber Risk” effectively.
|Bromium, Jochen Koehler, Regional Director
Jochen Koehler has joined Bromium as Regional Director for DACH (Germany, Austria & Switzerland) in November 2015. Since then he expanded Bromium’s customer base across all verticals and established notable channel relationships that help him accelerate sales for the only Endpoint Protection Solution in the market that does not rely on detection.
Jochen has 20 years of experience in IT- and Information Security focussing on the launch and growth of software and consulting companies in DACH.
Immunity – once and for all
These are all valid options but they obviously have different implications on your daily business – but what if there was a way to immunize your body or system in a way that does not at all affect you and your work? Such as “click on anything” without risk of a compromise? See and listen to an unparalleled approach that has changed the security model of many enterprises already.
|Casinos Austria / Austrian Lotteries, Michael Mrak, Head of Departement Compliance
Michael Mrak, born in 1963, started to work for Casinos Austria in the year 1993 as an IT project manager. He was responsible for the design and implementation of the nationwide network of all 12 Casinos in Austria and for the integration of IT systems. He was also responsible for the development and operation of all IT security systems.
In the year 2001 Michael left the IT department and joined the Internal Audit Division as Data Protection and Information Security Officer. In 2001 he also founded the Department Data Privacy of Casinos Austria and the Austrian Lotteries.
Michael joined the Division Public & European Affairs and founded the Department Data Privacy & Anti Money Laundering in 2008. Since 2012 his Department also covers the field of Anti-Corruption and was renamed to Department Compliance.
Michael is a lecturer at the University of Applied Sciences in Graz and he is also well known as a speaker at various national and international seminars about Data Privacy & Security issues, Anti-Corruption awareness programs and Anti Money Laundering methods in the gaming industry. He is also an expert in the field of compliance certification standards.
He is a dedicated member of the Compliance Officer Association Austria, a founding member of the Austrian association of Privacy Officers and also an active member of the International Association of Privacy Professionals and the Association of Certified Anti-Money Laundering Specialists.
Thoughts on the meaningful use of compliance management systems
It all starts with the need of finding a definition what compliance means for your organization and what issues have to be covered. In his speech Michael will explain the effect of rules based vs. risks based systems in an organization and how both approaches can benefit from each other. It will also cover the question if compliance can be an innovation driver and how to get over internal resistance if it comes to the implementation of a management system. Michael will also explain the five basic elements of every compliance system and how to find internal allies to implement a working CMS.
|Checkmarx, Gunner Winkenwerder, Director of DACH
Mr. Winkenwerder joined Checkmarx in 2015 after spending the previous 25 years in various positions in leading IT/Security companies like HP Enterprise Security, Mercury Interactive and PTC.
Since 2011 he has a dedicated focus on application security solutions. Mr. Winkenwerder holds an M.Sc. in Engineering from Texas Tech University, Lubbock, TX, USA.
SAST is a MUST – Software Security & Early Prevention of Vulnerable Code
In our talk, we’ll take you through some of the fundamental principles behind ingraining software security into the development life cycle:
|Cybereason, Richard Cassidy, Director Sales Engineering
Richard has been working in the IT Security arena for over 17 years, having ridden the waves of innovative technology era’s representing start-ups in networking, virtualisation, security, cloud security & compliance; Richard has gained extensive knowledge and experience of the threat landscape, including an innate appreciation of the advanced tools, techniques and procedures in operation today (by bad actor groups and solo campaigners) against businesses of all shapes and sizes, as a result of his direct involvement in Threat Intelligence operations at previous vendor roles. Richard is also a very active information security blogger and writer, having score of publications in national press in both EMEA and the U.S.
Through his experience, Richard worked to help consumers in understanding complex cyber security issues in a relevant and contextual manner, ensuring that lessons can be learned and security practices improved as a result.
Security demands Endurance
The house of cards approach to security requires moving away from the traditional IT mindset that encourages analysts to quickly close incidents. Instead, it calls for an investigative mentality with every incident considered a potential piece of a larger puzzle. In this session, Richard will discuss this new approach to endpoint security that shifts the odds in favor of the defenders.
|CyberTrap, Avi Kravitz, Co-Founder & CTO
Avi Kravitz is working as a senior security consultant for SEC Consult and as CTO for CyberTrap. After years of thorough technical and information security related academic background (technical college, bachelor in IT-Security and master in Information Security) he started his career as technical security consultant with focus on penetration testing back in early 2009 after working as IT-Security expert for several years.
Within the following years he switched his focus on espionage related international incident response cases and security management topics, leading his customers through all remediation phases after an identified security breach.
While the vast majority of organizations were dealing with recurring breaches from the same adversaries, he had the idea to lure them into an intelligent trap to let them believe that they succeeded with the breach to gather unique threat intelligence at the end of 2012.
At this moment the idea of CyberTrap was born. After 2 years of development Avi is now the CTO of CyberTrap and responsible for the operational service and product management topics.
Modern deception techniques in the age of failing prevention
Once you kick them out, they find new loopholes to re-enter the organization, targeting the crown jewels every time. If you play this game long enough you will realize at a certain point in time that neither a strong perimeter security nor conventional IT security will be sufficient to conquer this battle.
The challenge we are facing in SOCs nowadays is to reduce the time to detect those adversaries and to get valuable threat intelligence to increase the resilience of security infrastructure.
|Darktrace, Luana Landolt, Senior Account Manager
Luana Landolt, Senior Account Manager at Darktrace, has worked in countries and markets all over Europe with a specific attention on Switzerland. As an experienced member of the Darktrace team, she is well placed to discuss Darktrace’s fundamentally unique approach to cyber defence.
Self-learning cyber defence through machine learning
|IDQ, Gilles Trachsel, Director Strategic Partner Management|
Gilles Trachsel is responsible for managing IDQ worldwide partner through the entire sales lifecycle and for fulfilment of technical solutions to end customers. In addition, as Product Manager of the Network Encryption portfolio, he is in charge of understanding the business and security requirements of end customers in the area of Quantum Safe Cryptography.
Gilles brings to the role over 24 years of international business development, technical and product marketing management experience.
Before joining LANexpert, Gilles spent more than 10 years at Juniper Networks Ltd., being responsible for the product and solutions marketing for the whole Enterprise portfolio throughout the EMEA region. He was also in charge of the Advanced Technologies division in Juniper, covering Eastern and South-Eastern Europe.
Prior to this, Gilles held a number of EMEA and Asia Pacific positions with Peribit Networks (successful US startup), U.S. Robotics and 3Com.
Quantum-Safe Security – How the threat of the quantum computer compels us to revise our security strategies
However, until recently, manufacturing a quantum computer, in essence a controllable macroscopic quantum object, was seen as mere science fiction, something which might become possible in the faraway future only.
It is now considered that a general-purpose quantum computer could be available within five to ten years. The cyber security community has to integrate this new risk into its strategy.
The aim of this session is to provide the audience with current progress in the field of Quantum-Safe Security. We will explain how to assess the risk to your security infrastructure, and suggest implementable solutions.
|Kudelski Security, Martin Dion, Vice President EMEA Services
Martin Dion is Vice President of EMEA Services at Kudelski Security, previously holding the position of Vice President of Financial Services. Prior to joining Kudelski Security, he founded and led Above Security (Canada) and SecureIT (Switzerland) for over 10 years, after which he stepped into the role of Head of IT and Corporate Security in a private bank in Switzerland.
Martin holds a Bachelor’s Degree in Administration from the Hautes Etudes Commerciales, Montreal and a Diploma in Operational Risk Management from Kaplan University, Chicago. Martin is a Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM) and a Certified ISO 27001/20000/27005/22301 Trainer & Lead Auditor.
Bridging the gap between Cybersecurity & the Business
|Microsoft, Philipp Hunold, Lead Cybersecurity Specialist Western Europe
Philipp has more than a decade Cyber Security experience. He consults some of the largest enterprises in Europe how to fight advanced cyber threats, how to increase their cyber resiliency and improve their security posture in a modern environment.
Disrupting the kill chain
Additionally we discuss opportunities to break that attack playbook and why you should protect your privileged credentials.
|Nestlé, Rick Rietdijk, Globe Compliance Team Lead
Security professional for more than 10 years. Initial security expertise in the areas of Identity and Access Management, last few years focus has shifted to ISMS and risk management.
Managing cyber risks across a global organization
|ObserveIT/IBV, Kris Kormany, Business Analyst and Consultant
Kris Kormany, Business Analyst and Security Consultant, has been working with IT-Security products for several years. Always in focus: The human being and our behaviour in regards to critical data.
Having formerly worked as an IT system engineer in multiple environments, Kris has gained expertise in both the technical aspects of a company’s IT-infrastructure and also the organizational and human factors, such as employees’ strengths and weaknesses when it comes to handling critical business data on a daily basis.
Abracadabra! Transforming your internal users − your most vulnerable security link − into your greatest guardians
Join us to learn how to:
|Proofpoint, Adenike (Nikki) Cosgrove, Cybersecurity Strategy EMEA|
Adenike Cosgrove is the Cybersecurity Strategist for EMEA at Proofpoint, where she drives product marketing and strategic initiatives across European markets, and provides expertise on regional challenges such as data privacy and compliance.
Prior to joining Proofpoint, Ms. Cosgrove was global product marketing lead for Email Fraud Protection at Return Path, a division acquired by Proofpoint in the summer of 2016.
Earlier in her career, Ms. Cosgrove worked as lead EMEA advisor to security and risk professionals for Forrester Research and Canalys, where she developed a deep understanding of CISO challenges, and helped clients with their information and cybersecurity strategies.
Ms. Cosgrove holds a Masters of Research, Telecommunications from UCL (University College London).
Fighting the next generation of targetted Business Email Compromise attacks
Learn about the current BEC trends and attack methods, and how your organisation can identify and block these attacks before they reach the inbox.
|Qualys, Leif Kremkow, Director Technology|
Leif Kremkow, Director Technology, Qualys has been with Qualys for over 13 years now. Committed to working with Qualys’ customers to help make the most of the Cloud Platform and its dependant services. Prior to being Director Technology, Leif worked closely with CAC40 enterprise companies as a Technical Account Manager to define custom solutions, carefully respecting corporate culture, fostering user acceptance, and documenting processes.
Leif has been a speaker at various European events, such as Systems, Assises de la Sécurité, RSA Conference, InfoSec, or the CSO Interchange.
A German citizen living and working in France, Leif has a Bachelor of Sciences (Hons.) in Computer Systems and Networks from the University of Plymouth in England.
Hallmarks of a Successful Vulnerability Management Program
|RadarServices Smart IT Security GmbH, Harald Reisinger, Managing Director Service Management, Research & Innovation
Harald Reisinger is co-founder and Managing Director of RadarServices, the Vienna-based European market leader for Managed Detection & Response. He has over 20 years of experience in corporate management in the IT sector. He was the co-founder of Greentube Ltd., an European pioneer of massive multiplayer gaming. Before and during the IPO phase of betandwin.com (today bwin.party digital entertainment plc.) he was a member of their management and IPO team. In 2001, Harald Reisinger founded base-camp GmbH, which developed into one of the largest IT security companies in Austria. RadarServices originated from his idea for a next-generation IT risk management services.
Harald Reisinger studied international business at the Vienna University of Economics and Business and the University of Nebraska at Omaha.
Transforming a Cyber Defence Center into a Value Proposition
We will show you how you can focus on risk remediation and mitigation, but not on the mammoth-task of risk analysis and evaluation by integrating technology, experts and processes. You will learn how you can reduce detection complexity, creating risk transparency and enabling focus on remediation priorities.
|Rapid7, Samantha Humphries, International Solutions Manager
Samantha joined Rapid7 with a wealth of IT Security experience. She’s our resident expert in… well, everything. Her career has seen her through sales, technical support, marketing, channel support, incident response and research management so it’s safe to say, she understands needs from many different perspectives. In recent years, Samantha has been more involved in product and solutions management, and she’s excited to be with you today to talk to you about attacker behavior and incident response.
Lying to know the truth
Join us as we discuss:
|SailPoint, John Waters, Technical Sales Europe|
After graduating in business management, John Waters worked for several years as a business consultant with the main focus on process procedures and organizational structures. In the business process reengineering projects, the issue of governance, risk and compliance has become more important.
At this time John begun to deal with the theme of data governance since virtually all business processes need data exchange as a kind of “fuel” for the processes, But if these data get lost, it will take very high costs and effort to correct the hurt. Lau John, Data Access Governance is not just a matter of data security and compliance, but above all, a very important contribution to business enablement.
|SkyPRO AG, Andreas Fuhrmann, CEO
Andreas Fuhrmann founded the IT service company SKyPRO AG together with his brother Horst after completing his studies as computer engineer at the ETH Zurich . Today the company employs around 50 people and has his headquarter in Cham, Zug, a development center in the Ukraine and a sales company in the USA.
Andreas Fuhrmann has been a consultant for Identity & Access Governance for more than 15 years. During this time he successfully implemented various IAG projects at major banks, insurance companies, industrial companies and public administrations. Due to his practical experience, he has extensive knowledge in the area of Identity Access and Security.
The anatomy of a data breach
|Securosys, Andreas Curiger, Founder & CTO/CSO, President of the Board of Directors|
Dr Curiger has been an information-security professional for his entire business life. He started his career in the semiconductor business designing algorithms and hardware circuits for cryptographic applications. Then he moved on to designing and manufacturing hardware-based high-security solutions for governmental customers worldwide. With Andreas, Securosys is bringing the technology of high-end security that has previously been exclusively reserved to governments, to the enterprise market.
Andreas holds six patents and has authored and co-authored numerous scientific papers on cryptography and hardware design. He earned his M.Sc. and his Ph.D. in Electrical Engineering from the Swiss Federal Institute of Technology (ETH), Zurich, Switzerland, and his EMBA degree from the University of St. Gallen (HSG), Switzerland.
The key to security is in the Hardware — Why we need to use secure Hardware in our ICT Systems
With the consistent implementation of zone concepts (firewalling) and security mechanisms (authentication and encryption), a high protection level is achieved in principle. However, the largest vulnerability is at the interface where unprotected data is encrypted or decrypted using cryptographic keys, or legitimate system users are authenticated. Software alone does not prevent attacks on this interface. Secure and trusted hardware must be used.
This presentation shows why standard hardware is not sufficient at this interface and how dedicated hardware must be built to ensure the security of IT networks — whether the user is a human being, a machine, or a sensor.
|SentinelOne, Andy Norton, Risk Officer – EMEA|
Andy, has been an IT security professional for over 20 years, specializing in helping organizations to measure levels of risk and implement new methods of control, not all of them have been successful, sometimes the technology fails, sometimes the culture fails, sometimes we fail to understand the risk.
However, these failures have occasionally led to great innovation, the development of reputation security at IronPort, was one career highlight, researching field intelligence for FireEye to help boards understand risk was another. His latest chapter is to aid the reform of the whole process of security by baselining with endpoint instrumentation.
|ServiceNow, Myke Lyones, Director and Head of Strategy|
Myke is a Director and Head of Strategy for ServiceNow’s Security Business Unit helping larger companies better respond to imminent security incidents, quickly find indicators and observables of compromise, and effectively remediate known vulnerabilities. Myke has over 16 years experience in information technology and security.
Prior to moving to the Security Business Unit, Myke led ServiceNow’s information security group and was brought on board to help secure the cloud startup while creating a mantra of transparency. He has also held Senior Security positions at Grey Global Group, Y&R, WPP Group, and GE Capital
Break the silos between Security and IT Operations
Listen to Myke Lyons to learn how Security can better collaborate with IT Operations to resolve real threats faster using structured and automated response processes to prioritize and resolve incidents based on business impact.
|Splunk, Alain Gutknecht, Staff Sales Engineer|
Alain is an experienced IT professional and has held a range of engineering roles during the course of his 20-year career. Prior to Splunk, Alain worked for vendors including VMWare, Sun Microsystems and Silicon Graphics.
Best Practices for Scoping Infections and Disrupting Breaches
Listen to this session to hear Alain Gutknecht discuss the specific data sources and capabilities required to determine the scope of an infection before it turns into a breach. See a live incident investigation that demonstrates this approach.
|SUA Telenet GmbH, Markus Martinides, CEO and independent IT Security Audit Expert|
Markus has been in the IT-GRC and Telecom-Network IT-Software and Datacenter Industry for over 30 years. Has been working for Alcatel (now Nokia), ADT (Security Services), Intermec (now Honeywell) and Huber & Suhner Radio & Mobile Communications. In 2001 he started his own business with SUA Telenet GmbH in Schaffhausen Switzerland.
Markus holds a Degree of Electrical and Informatics Engineering from Swiss Federal Institute of Technology (ETH) Zürich 1986. He is specialized in Information and Communication Technology, Project Management and Cloud Based Applications. He is an expert on Privacy, Data-Protection and Encryption in the Health-Industry, Banking, Insurance and Governmental Infrastructure environments.
Security Audits – How secure is your IT landscape?
Security expert Markus Martinides shows in the seminar how to audit all critical system areas during an audit. Based on many practical examples, the lecturer shows how an audit is designed, the costs involved and how the results are implemented.
|Vectra Networks, Matt Walmsley, EMEA Director|
Matt Walmsley is EMEA Director at Vectra Networks. Matt has over 25 years’ experience in helping organisations deploy and secure their network infrastructure having worked in a variety of pre-sales consultancy and technical marketing roles for global technology companies such as Endace, Hewlett Packard and 3Com.
A self-professed “network guy” Matt joined Vectra Networks with a remit to help organisations transform their security response capabilities by using AI powered advanced threat detection solutions. Matt is based in the United Kingdom, and holds a Masters in Business Administration.
Using AI to catch in-progress cyber attacks
In this session, you will learn how different artificial intelligence techniques can be combined to automate the detection of in-progress cyber-attacks within your network. We’ll explain how automated threat hunting can even handle encrypted traffic, whilst still maintaining the privacy of your users. Then we’ll share a case study of a real attack detected using this AI approach.
We’ll close by demonstrating how to integrate such a capability into your existing security technology stack to force multiply your security response capability, and close your cyber detection gap.
|Virtual Solution AG, Thorsten Meyer, Director of Product Management
Thorsten Meyer has been a mobility professional over the last 20-year extensive knowledge in building and managing profitable products with global coverage in the Information & Communication Technology sector. Thorsten has a passion for bringing new communication concepts to the market and defining new ways of collaboration and communication.
Secure Mobile Communication – The Future of Mobile Productivity
New simplified mobility services overcome traditional MDM challenges. This presentation will show you new ideas on how to simplify enterprise mobility while delivering a solution that has high user acceptance and fits your enterprises mobile strategy.
|WEIDMANN ELECTRICAL TECHNOLOGY AG, Florian Büchting (CIO) and Marco Krieg (Corporate IT Services)
Florian Büchting has been the CIO of the company and responsible for the corporate IT services for the last 9 years. Together with Marco Krieg, who has been working in the company’s IT Network and Security service for several years, they face the problem of implementing a reasonable level of IT security due to few business requirements. Finding the happy medium between enough security to protect the company and not interfering with business operations is the challenge.
Workshop: Best practice approaches to information security with limited financial resources and few business requirements
WEIDMANN ELECTRICAL TECHNOLOGY AG, a member of the WICOR group and a global manufacturer of electrical insulation solutions, will briefly present their current situation and would then like to start an open discussion with the audience. Other companies are free to present their situation as well.
|Arnet Consultants, Mark Arnet, owner and former FBI Special Agent
Arnet Consultants, Mark Arnet is a former Special Agent with the FBI, and was certified in computer forensics and trained in Cyber-Crimes and crises negotiations. Mark used his forensics and cyber skills investigating cyber and financial crimes, and crimes against children. Most recently, Mark was a Watch Commander at FBI’s CyWatch in Virginia, and later went on to a lead role in the FBI’s next generation case management software at FBI Headquarters in Washington DC.
Mark’s passion is protecting against cyber threats and is working with Lattis Networks to provide information technology and physical security consulting services to sensitive and classified businesses. Prior to entering the FBI, Mark was an Aerospace Engineer and holds a Bachelor’s degree in Mechanical Engineering and a Master’s degree in Aerospace Engineering.
|Exeon Analytics, Dr. David Gugelmann
Dr. David Gugelmann is a security analytics researcher and the CEO of the ETH Spin-off Exeon Analytics. Prior to founding Exeon Analytics GmbH in 2016, he was a postdoctoral researcher at ETH Zurich in the Networked Systems Group. His research interests are in big data analytics, digital forensics and machine learning for anomaly detection. He combines these areas by developing big data security analytics solutions to summarize and visualize network data.
|Flashpoint, Maurits Lucas, Director Strategic of Accounts
Maurits Lucas is a Director of Strategic Accounts at Flashpoint. As a member of the Business Risk Intelligence (BRI) team, Maurits specializes in bridging the gap between technology and business to address the unique security challenges often faced by today’s executives. He has dedicated himself to analyzing long-term trends and emerging threats emanating from the Deep & Dark Web to help business leaders across the enterprise leverage such information to make informed decisions and mitigate risk.
Previously, Maurits lead the cyber intelligence team at one of Europe’s oldest cybersecurity firms. He was the driving force behind a collaborative portal and unique approach to cyber intelligence. Maurits is a subject matter expert on cybercrime and has had the pleasure of presenting his research numerous times to distinguished audiences all across the globe.
|ISSS, Umberto Annino, President
Umberto Annino, president of the ISSS association with 1’100 individual and company members, has 20 years of ICT experience and has been active in security for 15 years; as a senior consultant as well as a lecturer for information security, technical data protection and IT risk management. In addition to the board activity at ISSS, Umberto is responsible for the education and certification issues at ISACA Switzerland Chapter.
|ISACA, Jiri Ceijka, Dipl. El.-Ing., CISA, Quality Auditor ISO9000
Jiri Cejka has studied Technical University (CVUT) in Prague, Electrical Engineering Faculty (FEL), Technical Cybernetics department, specialised on aeronautical and navigation instruments.
He was long-time developer of Stock-exchange Systems, co-working on development of IT Audits and Governance methods at KPMG as well as IT Audit Leader and Manager of IT Transformation Programme at OC Oerlikon.
He is ISACA member, since 2007 member of Academic Relation Committee of ISACA Headquarters. He was co-working on ISACA Student Book “IT Governance Using COBIT and Val IT” and on the development of IT Governance teaching programme for universities “Model Curriculum for IS Audit and Control”, later reviewing the programme at 28 Universities worldwide. In 2013-14 he’s been co-working on the ISACA strategic study «Role of Information Trust Value professional». In 2015 he wrote an ISACA Article «“Audit of Cyber Risks: Responsibility of Management and Challenge for Auditors».
His areas and competencies are: GRC, IT & Cyber Security, IT Risk Management, Programme Management, BCM and IT Audit.
|modzero AG, Max Moser
Max Moser works at his self-founded company modzero AG as an IT Security Consultant for large and medium-sized businesses. As a ‘paid hacker’ he attacks software and hardware products by order of his customers to test their security or helps customers to improve their overall security.
Max Moser is an active member of the IT Security scene for over 20 years and known for his innovative security research as well as several Open Source projects.
|University of Innsbruck, Christian Sillaber, Researcher
Christian Sillaber is a researcher at the Institute of Computer Science at the University of Innsbruck, Austria. His research interests are in the areas of governance, risk and compliance management and security process engineering.