What’s out there? – Risks in the Internet

Be aware, it is now part of your Corporate Network!

Save the DateKlick for the .ics file to save the date


Target Audience Information Security Professionals
CIO’s, CISO, IT Manager, Security Officer, Security Architects and Engineers – all from end customer side who are interested in IT Security

From Consultancies and Resellers/Integrators are only technical peoples allowed to take part. Vendors and people with a Sales/Marketing role are not authorized as participants.

CPE Credits Earn 4.5 CPE (Continuing Professional Education) for attending this SIGS Afterwork Event. Please request a confirmation.
Location Hilton Zurich Airport Hotel
Hohenbuehlstrasse 10
8152 Opfikon-Glattbrugg

(there are a lot of free park spaces available)

Date of Event 7th of December 2017
Language English, if non-German speaking people will attend, otherwise German
Schedule see agenda below
Participation Costs Fr. 55.— per participants
Organization, presentations, beverages and aperitif included


1:30 – 2:00 Registration & Coffee
2:00 – 2:00 Welcome & Introduction by the moderator
2:00 – 2:30 Pascal Mittner, CEO at First Security Technology AG

What are the most common vulnerabilities in the Swiss Internet?
On the SANS Top20, the first two places are held from the inventory of hardware and the inventory of software. Knowing your own IT infrastructure is essential to identify vulnerabilities in it. Further, the perimeter attack surface is certainly the first to shrink.

The Swiss Vulnerability Report inventories the Swiss Internet with 20 million IP addresses. A look behind the scenes shows the challenges of topology and software to inventories in a useful time. We will also discuss what is important for vulnerability management and what interesting showed up on our Swiss Vulnerability Report 2017, which is published for the 5th time.

2:30 – 3:00 Hans Irlacher, Regional Sales Manager Switzerland at Zscaler

Fight against the risks in your new corporate network: the Internet
The workplace has completely changed. Employees are no longer behind the fences of traditional network architecture. Today they are in the office hours later in the hotspot of Zurich Airport and hours later in a coffe shop in New York, and during that time they are reading messages and posts on social media with their smartphones.

At the same time, applications are moving in to the Cloud to AWS or Azure and of course Office 365. Can we really handle this with buying more applicances or do we have to rethink our infrastructure?

In this presentation you will get some ideas how you can protect your new and enhance corporate network.

3:00 – 3:30 Sergio Alves Domingues, Chief Technical Officer at SCRT

Breaking in … when there are no walls. Penetration testing in today’s cloud-based corporate infrastructures
More and more companies are moving from on-premise internal applications to Cloud infrastructures and services. In the wake of this trend, critical corporate data is slowly leaving the company’s “internal” perimeter for online service providers’ infrastructures that become the new target for attackers hunting for this data.

If these services often propose a high level of security (sometimes much higher than what was achieved by their on-premise ancestors) they also happen to be outside of the “closed” perimeter and impose different security models. In such a landscape, penetration testers (and actual hackers) often rely on different attack techniques much more targeted at users that technical systems.

This talk aims at presenting such attack techniques and illustrate the major changes in penetration testing (and actual attacks) in today’s corporate environments.

3:30 – 4:00 Andreas Muehlemann, Security Engineer at SWITCH

Workaday life from the Swiss CERT perspective; what’s really out there?
The internet is a basin for good and bad content. Users are exposed to threats every day, administrators try to fight them with all available weapons.

In this presentation we’ll look at some of the “highlights” from the last months and discuss why some incidents could have been prevented if everyone had kept the environment up to date.

4:00 – 4:45 Break
4:45 – 5:15 Olivier Spielmann, Director MSS Operations at Kudelski Security

Swiss Threat Landscape 2017 – A security operations view
This presentation will provide an overview of the Swiss threat landscape in 2017 as seen from a Security Operations point of view. Some real threat examples will be presented in perspective with the current exposure as well as typical mitigations paths that could be followed.

5:15 – 6:00 Lorenz Inglin, Head Security Monitoring & Incident Response (CSIRT) at Swisscom

The risks are real – insights from the Swisscom CSIRT
Almost every day we see headlines about new cyber threats and attacks against organizations of all shapes and sizes. These risks are no longer just hypothetical or concerning some of the larger companies – they became real for everyone and can also impact your business and employees.

In this presentation we will give you some insights about the threat landscape as we see it, give you examples of what we see every day and talk about what Swisscom does against this.

6:00 – 6:30 Panel Discussion moderated
6:30 – open end Apéro Riche & Networking
The speakers will be onsite for Q&A


The Sponsors of this event are:

This is a ‘must attend’ event for all security professionals! We are confident that the relationships you develop here will prove to be crucial to your continuing success.

So don’t wait and register here if you have a XING account. If you don’t have or don’t like to have a XING account, just send us an email

With the registration for this event you accept, that SIGS may use the data entered for its own purposes and may share it with its event partners and event sponsors of this specific platform.