SIGS Technology Summit Speakers in 2016
All presentations are held in English
|Cyber Management Alliance Ltd., Amar Singh, CEO & Founder|
Amar Singh is an industry influencer and leader, founder of a not-for-profit organisation Give01Day.com and the Cyber Management Alliance and Chair of ISACA’s UK Security Advisory Group. Amar is engaged as a trusted business and cyber security advisor, mentor to C level executives, and a consultant to organisations who need to reduce their risk exposure, deploy post incident remediation, build security teams, increase cyber resiliency and mature their information security and data privacy posture.
Amar’s client profile includes News International (now News UK), Siemens, the BBC, Reuters, BP, ATOS, Gala Coral, Cable & Wireless, SABMiller and many more. Several of the world’s prestigious media organisations and publications regularly seek and publish Amar’s counsel and guidance, including: The BBC, Financial Times, Al Jazeera, The Economist, The Guardian and The Daily Telegraph The Economist’s Intelligence Unit (EIU) invited Amar to the London Stock Exchange to share his insights on information risk management Amar launched The Financial Times’ CISO video series Amar has featured in a number of prestigious publications including: Institute of Chartered Accountants for England and Wales The Counter Terror Business Magazine Regular contributor to publications including Computer Weekly, SC Magazine, InfoSec and others Featured on the cover of SC Magazine
Now or Never! Why we need to get Cybersecurity right today!
Furthermore, the line between virtual cyberspace and the real world is starting to blue as cyber attacks start to impact the physical world. In the near future, our very lives will depend on the security, the stability and the integrity of our connected world. Ignoring the safety of Cyberspace will have dire consequences wrong may have long standing consequences to our lives. It’s now or never.
Why the CISO should report to the board – based on the example of an Incident Response Approach to Cyber Attacks
Join Amar Singh in an interactive workshop where you will work to map out and create a live cyber incident response plan. This is your chance to get involved and share your insights and experience and learn from your peers. In addition you will get valuable insight how you can reach the appropriate attention from your management.
|e3 CSS AG, Michael Hoos, CEO
Developing a security product in Europe was always his dream. E3 CSS AG made the dream come true by developing Centraya in Zurich. After working 16 years for Symantec as Senior Director for Specialist Sales, Presales and Consulting he took the opportunity to be part of a security product development here in Europe from day 0 on. Since 2014 the team and Michael work on Centraya – a central cloud access security broker.
Michael works since 1997 in the IT security industry. He has been responsible for some of the largest IT security projects in Central Europe – from endpoint protection to gateway security.
Safe Harbor, Privacy Shield and Espionage: go Cloud or stay home?
|ISF Limited, Steve Durbin, Managing Director
Steve Durbin is Managing Director of the Information Security Forum (ISF). His main areas of focus include strategy, information technology, cyber security and the emerging security threat landscape across both the corporate and personal environments. He is a frequent speaker and commentator on technology and security issues.
Steve has considerable experience working in the technology and telecoms markets and was previously senior vice president at Gartner. He has served as an executive on the boards of public companies in the UK and Asia in both the technology consultancy services and software applications development sectors.
Steve has also served as a Digital 50 advisory committee member in the United States, a body established to improve the talent pool for Fortune 500 boards around cyber security and information governance. He was ranked as one of the top 10 individuals shaping the way that organizations and leaders approach information security careers in 2014. Steve is currently chairman of the Digiworld Institute senior executive forum in the UK, a think tank comprised of Telecoms, Media and IT leaders and regulators. He is a Chartered Marketer and a Fellow of the Chartered Institute of Marketing.
The emerging threat landscape: how to keep ahead in cyberspace
Prompt action is required to interpret an increasingly complex threat horizon which could place organisations and their goals at risk.
|Venafi, Kevin Bocek, Vice President Security Strategy & Threat Intelligence|
Kevin Bocek is responsible for security strategy and threat intelligence at Venafi. He brings more than 16 years of experience in IT security with leading security and privacy leaders including RSA Security, Thales, PGP Corporation, IronKey, CipherCloud, nCipher, and Xcert.
He is sought after for comment by the world’s leading media such as Wall Street Journal, New York Times, Washington Post, Forbes, Fortune, BBC, Süddeutsche Zeitung, USA Today, Associated Press, Guardian, and Telegraph along with security press including SC Magazine, Dark Reading, and Network World.
World at a crossroad – “Will we be able to secure our cyber world, or not?”
The foundation of cybersecurity in our organisations are the tens of thousands of keys and certificates the authenticate and encryption communications for websites, virtual machines, software, mobile devices, containers and cloud servers. Protected, they ensure trust and privacy in digital communications and connections. But if just one critical key or certificate is left unmanaged or unprotected, the entire cybersecurity foundation is placed in jeopardy.
With Gartner expecting 50% of network attacks to come over encrypted TLS traffic by 2017 and certificates of all types the interest of cybercriminals and governments, it is essential that keys and certificates are managed and protected in the datacenter, on desktops, on mobile and IoT devices, and in the cloud.
Discover a new approach to thinking about cybersecurity, so you strengthen all the security controls to protect customers, business, data and brand.
|Zscaler, Dr. Manoj Apte, Senior Vice President of Product Management|
Dr. Manoj Apte is a veteran network security executive with over 15 years of experience developing high performance networking and security systems.
Prior to Zscaler, Manoj held engineering and product line management positions at Juniper Networks, where he created and launched Juniper’s 10G IPS (Intrusion Prevention System) appliance. Prior to Juniper, he worked on real-time embedded platforms at various companies.
Manoj holds more than a dozen patents and has contributed to the Cloud Security Alliance since its initial charter. He earned a PhD in Real-Time Embedded Systems from Mississippi State University and holds a B.Tech. in Aerospace Technology from IIT Bombay.
Transforming network infrastructure and Internet security for a changing business-world
This presenatation covers:
|Akamai Technologies, Marco Fullin, Solutions Engineer|
Marco is a Solutions Engineer at Akamai Technologies in Switzerland. He is a Certified Information System Security Professional (CISSP) and brings more than 10 years of experience in managing various IT Security projects including security consultancy, ethical hacking, and forensics.
He has a wealth of experience in IT Security, Networks, Datacenter and E-Business. He has worked for different companies, including Internet startups, Carriers and IT-Integrators in various roles such as Systems Engineering, Presales, Project Management, Engagement Management and Solution Engineering.
The Future of Web Attacks
The presented, quarterly security reports from Akamai are based on data collected during recent cyber-attacks against the global Akamai customer base. Through data forensics and post-attack analysis, Akamai presents a global view of attack trends and new cybersecurity threats to enable businesses to make intelligent, strategic decisions.
|Avecto, Andrew Avenessian, VP of Technology|
Andrew initially established Avecto’s consultancy (pre and post-sales) and technology services (support and IT.), developing them from the ground up into world class offerings. Now responsible for the strategic direction of pre-sales consultancy, he regularly provides security and technology advice to large global enterprises. His background in IT infrastructure ensures he can clearly translate complex requirements, finding technical solutions to commercial challenges. With a keen interest in cyber security and the end user experience, Andrew is a regular contributor to press articles and security events.
Social Engineering: lessons learnt from history
With real examples of social engineering and high profile hacks, Andrew will explain why good security is easy with solid foundations in place. He will share insight and tips of where to start with a defense in depth security strategy that really works in the ongoing quest against cyber threats.
|Bromium, Rafal Wojtczuk, Principal Security Architect|
Rafal Wojtczuk has over 15 years of experience with computer security. Specializing primarily in kernel and virtualization security, over the years he has disclosed many security vulnerabilities in popular operating system kernels and virtualization software. He is also well known for his articles on advanced exploitation techniques, including novel methods for exploiting buffer overflows in partially randomized address space environments.
Recently, he was researching advanced Intel security-related technologies, particularly TXT and VTd. He is also the author of libnids, a low-level packet reassembly library. He holds a Masters Degree in Computer Science from the University of Warsaw.
Lessons learnt from the history of vulnerabilities in hypervisors
One of the key value propositions of hypervisors, as they relate to security, is to shrink the attack surface. However, in the quest for new features and functionality some trade-offs are made, which can prove to be fatal. While discussing the particular problems, we will examine what the strong (and weak) security-related features of hypervisors are.
We compare the attack surface of hypervisors with that of user mode applications and operating systems kernels, and show that the purpose and design of the hypervisor significantly changes its attack surface size. Most importantly, we make a fact-based argument that many hypervisors aren’t designed with security in mind.
We show how superfluous code and poor design can be punished by demonstrating real examples of hypervisor breakouts. The presentation ends with lessons learnt, and recommendations for hypervisor design and approaches that can be taken to harden them.
|Cisco, René Räber, Distinguished Engineer|
Rene Raeber is one out of the 35 Worldwide Distinguished Engineer‘s in Cisco, working in the Worldwide Datacenter Organisation at Cisco.
Rene’s function covers the WW Datacenter Strategy and definition of Cisco’s go to market strategy for our Sales Field Forces as well as Field Engineering education, Datacenter Strategic Accounts and Key Project support in the Commercial, Enterprise, Public Sector and Service Provider market segments. In addition, Rene is responsible for a gateway function towards the Datacenter Business Unit divisions, in order to ensure that Cisco’s customer requirements are represented and fulfilled in product development.
His span of responsibility also covers internal field engineering education, partner technical readiness, and representation of Cisco’s Datacenter technologies in key marketing initiatives; technical seminars, press and thought leadership writing datacenter publications.
Rene is one out of 10 Cisco Datacenter Patent reviewer and one of the Key Datacenter Architects in Cisco, having been recognized for excellence awards on several occasions.
Have you ever heard about how to achieve and simplify compliance through policy abstraction and modeling?
ENISA – the European Union Agency for Network and Information Security, working for the EU Institutions and Member States. ENISA is the EU’s response to the cyber security issues of the European Union. As such, it is the ‘pace-setter’ for Information Security in Europe, and a centre of expertise.
The objective is to make ENISA’s web site the European ‘hub’ for exchange of information, best practices and knowledge in the field of Information Security. This web site is an access point to the EU Member States and other actors in this field. ‘ENISA – Securing Europe’s Information Society’.
More information at https://www.enisa.europa.eu/
Panel Discussion: Spot on cyber-threats
Interesting topics for this discussion (indicatively) include: improve access to threat information, presenting threat information, developments in related protocols (STIX, TAXII), exploiting the Dark Net, threat agent modelling, end-user needs, tools, etc.
For this panel, ENISA has invited its threat landscape stakeholder group consisting of internationally recognised individuals in the area of threat intelligence. The members of the ENISA Stakeholder group are: Paolo Passeri, System Engineer, Consulting, UK -Pierluigi Paganini, Chief Security Information Officer, Telecoms, IT – Paul Samwel, Lead Security Architect, Banking, NL – Tom Koehler, Executive Vice President, Consulting, DE – Stavros Lingris, IT-Official, CERT, EU – Jart Armin, Internet Security Researcher, Worldwide coalitions/Initiatives, International – Thomas Haeberlen, Federal Office for Information Security, DE – Neil Thacker, Information Security & Strategy Officer, Consulting, UK – Margrete Raaum, Leader, CERT, NO – Shin Adachi, Security Analyst, US – R. Jane Ginn, Consulting, US.
For this panel, ENISA has invited members of the landscape stakeholder group. Contributions from Jane Ginn, Thomas Haeberlen, Stavros Lingris, Paul Samwel, Pierluigi Paganini, Neil Thacker and Jart Armin are planned. Louis Marinos, ENISA will moderate the discussion.
The event is structured in two units: in the first hour, panellists will present their position statements on issues and trends in the area of cyber threat intelligence. After the break, the discussion will address topics and questions brought up by the participants.
|Forcepoint, Neil Thacker, Information Security & Strategy Officer EMEA|
Neil Thacker, CISSP, CEH & OPST is Information Security & Strategy Officer, EMEA for Forcepoint. Neil holds 15 years’ experience in the Information Security industry with 10 years financial services experience in the insurance and banking arena. Neil is a member of the ENISA Threat Landscape stakeholder group where he contributes to the EU agency program. Neil is also co-founder of the Security Advisor Alliance, a not-for-profit organisation formed to help security leaders in their role.
Cloud First Security Resilience: Considerations and Solutions
* IDG Enterprise survey of IT buyers, reported in CIO Magazine November 19, 2015
|Fortinet, Simon Bryden, Consulting Systems Engineer|
Simon Bryden is a consulting systems engineer at Fortinet. Simon represents FortiGuard labs in the EMEA region, promoting Fortinet’s threat intelligence capability both internally, and to customers and partners.
Simon brings a wealth of experience from over 25 years in the IT and security industry and before joining Fortinet, held engineering and product management positions in a variety of vendor, integrator and end user companies.
The current threat landscape and how to deal with it
After looking at some of the trends and directions that today’s attacks are taking, we will look at key challenges facing the enterprise, and how they can be addressed by leveraging the latest developments in security technologies, combined with constantly updated threat intelligence.
|Fraunhofer AISEC, Dr. Julian Schütte, Senior Researcher|
Dr. Julian Schütte (m) is a senior researcher and head of the group “Service and Application Security” (SAS) at Fraunhofer AISEC. Fraunhofer AISEC’s mission is to transfer insights and developments from security research into practice. Within AISEC, the SAS group is mainly concerned with the security of cloud and mobile applications, specifically the automatisation of program analysis and vulnerability testing, as well as the hardening of applications. Julian has more than a decade of experience in mobile security research and has led several research projects in this field. He is author of several dozen of publications and has developed the tool App-Ray for automated mobile app analysis.
Fully automated discovery of vulnerabilities in Android apps
However, the Android security model is a moving target and updates of the Android framework have introduced thousands of security relevant changes in the past. Under these conditions, assessing the security of an app according to userspecific requirements is hardly possible. This talk will shed some light on complex vulnerabilities in Android apps and ways to discover them automatically.
|Intel Security, Rolf Haas, Enterprise Technology Specialist EMEA|
Rolf Haas is an enterprise technology specialist, in the Content & Cloud Security division of Intel Security. With more than 22 years of experience in IT security, Haas has built up an extensive technical knowledge gained through global hardware, software and services. He provides structured and innovative approaches to solving complex technical issues as well as solutions and responses to both end-users and channel partner whilst developing lasting customer relationships.
Threat Predictions Cyber Threat Landscape 2016
|keyon AG, René Eberhard, CEO|
René G. Eberhard has more than 19 years of experience in the IT security area . He’s one of the founders of keyon and as CEO also involved in strategic security projects of major customers.
Classify or Die
The presentation shows the need to classify and protect data as requirement for Data Loss Prevention, Secure Collaboration and the step into the Cloud – more information at https://www.keyon.ch/de/News-Medien/2015/keyon-classify-or-die.pdf
|Kudelski Security – Jean-Philippe Aumasson, Principal Cryptographer at Nagravision SA
Jean-Philippe (JP) Aumasson is Principal Cryptographer at Kudelski Security, in Switzerland. He designed the popular cryptographic functions BLAKE2 and SipHash, and the new authenticated cipher NORX.
He has spoken at Black Hat, DEFCON, RSA, CCC, SyScan, CHES. He initiated the Crypto Coding Standard and the Password Hashing Competition projects. JP co-wrote the 2015 book “The Hash Function BLAKE”, and tweets as @veorq.
Quantum computing and post quantum crypto
What does that mean? Should we be scared? What’s a quantum computer in the first place? This talk will give you honest answers to those questions based on the latest research. After this talk you’ll be able to better assess the risk of quantum computers, to debunk misleading claims, and to ask the right questions.
|Ping Identity, Hans Zandbelt, Principal Solutions Architect CTO Office
Hans Zandbelt is a Principal Solutions Architect in the CTO office of Ping Identity covering the EMEA region. He holds an MSc. degree in Computer Science, Tele-Informatics and Open Systems, at the University of Twente. He has over 20 years of experience as a technical leader in research and innovation projects, including digital identity initiatives.
In 2007 he joined SURFnet as the architect and technical product manager of SURFfederatie, the national infrastructure for federated Single Sign-On for the research- and higher education community in the Netherlands. Since 2011 he joined Ping Identity and works on Single Sign-On, Cloud Identity & Access Management and large scale deployments of federation technologies such as SAML 2.0 and OpenID Connect.
From WAM to FAM – the Evolution of Access Management
In this breakout session, learn how to bring your access management solution into the new millennium. We’ll explore the key benefits of modern access security:
We will also demonstrate how to turn technology into solutions with a consulting methodology that quickly, comprehensively and independently discovers the opportunities of Cloud Access Management for your business, involving all relevant stakeholders.
|ProtonMail, Dr. Andy Yen, Co-Founder/CEO (on behalf of Radware)|
Dr. Yen one of the creators of the encrypted email service ProtonMail. Today, ProtonMail is the world’s largest secure email service with millions of users in over 150 countries. Together with a team of scientists at Swiss based Proton Technologies AG, Andy is helping consumers and enterprises secure their communications by making encryption technology easier to use and more cost effective.
Prior to creating ProtonMail, Andy was a particle physicist at CERN working on the Large Hadron Collider, the world’s largest particle accelerator. Andy received his PhD in Physics from Harvard University, where his research focus was on supersymmetry and scientific
Switzerland under attack: Lessons from the ProtonMail DDoS attack
In this presentation, Dr. Yen describes how ProtonMail and Radware’s Emergency Response Team (ERT) worked together to mitigate the attack and put together a comprehensive, long term solution.
DDoS is a growing threat faced by companies in Switzerland and careful planning and preparation is required to mount a successful defense. Key considerations to keep in mind when designing a comprehensive DDoS solution are discussed, along with unique insight gained from the ProtonMail attack.
|Rapid7, Pim van der Poel, Regional Manager|
Pim Van der Poel has over 20 years of experience in the IT security industry, amongst this, includes his VP role at Internet Security Systems (acquired by IBM in 2006) and VP of EMEA and APAC at Ultimaco. A particular career highlight has been his involvement in the successful launch of ScanSafe, the global leader in Cloud Web Security – later acquired by CISCO. Prior to joining Rapid7 to lead the DACH region, he led the German team of the data protection providers, Digital Guardian.
Moving Cybersecurity Focus From Prevention to Detection & Response
Join Pim van der Poel at Rapid7, to discuss:
|Resilient Systems, Arne Jacobsen, Country Manager DACH|
Arne Jacobsen is the Country Manager for Germany, Austria and Switzerland at Resilient Systems. He is responsible for driving revenue growth and customer success in the DACH region.
Prior to joining Resilient Systems, Mr. Jacobsen was the Managing Director, Central EMEA for Qualys. He has considerable experience in the European information security industry and has held management positions at Varonis, McAfee and Safeboot. Mr. Jacobsen has a Diploma from the University of Frankfurt in Business Administration.
Cyber Resilience – Industry Best Practice in Managing Security Incidents
This session will look at the latest research from US and European companies into their state of cyber resilience, as well as industry best practice and key indicators for companies to consider in improving their cybersecurity readiness.
|RSA, Ralf Kaltenbach, Director DACH & Eastern Europe|
Since January 1st 2016 Ralf Kaltenbach is in charge of RSA’s Advanced Security Operations Center business in Germany, Austria, Switzerland and Eastern Europe. He held various senior management positions before, such as Regional Director RSA in Germany and Head of Sales in EMC Central.
Before he joined EMC in 2012 he was 12 years with Cisco. Ralf holds degrees in telecommunications and economics (Diplom-Ingenieur/Diplom-Wirtschaftsingenieur). He specialized in Security, Information Technology and Finance.
Modern Cyber Risks – why traditional security methods are falling short
To be one step ahead it is crucial to implement complete visibility to detect, investigate, and take targeted action against even the most advanced of attacks – before they can impact the business. The presentation gives an overview about most relevant critical success factors to defend against most recent cyber threats.
|RUAG Defence, Rocco Mandrysch, Security Researcher|
Rocco Mandrysch works as a Security Researcher in the Research and Development Group of the Ruag Defence Cyber Security Department. His main field is the analysis of the malware network communication with data mining approaches.
He studied Physics at the University of Hamburg and made his PhD in Physics at the Humboldt University Berlin. After this, a Position at the University of Iowa based at CERN followed as the convener of the Performance Management Board for the software in the ATLAS Science Collaboration.
Hidden Information in the DNS Protocol
In company networks with high numbers of participants, it is very difficult to monitor and classify the DNS requests and replies in order to find those being used for illegal purposes.
We present an approach for calculating evidence of hidden information within the DNS protocol.
|SailPoint, Mark Oldroyd, Technical Partner Enablement Manager|
Mark Oldroyd is currently Technical Partner Enablement Manager for SailPoint in Europe, responsible for technical pre-sales education and training across the extensive SailPoint partner community. Mark has been with SailPoint for over four years, working in both partner-facing and sales engineering roles. With over 13 years of experience in the Identity Management and Security areas, he has worked with many of the leading technology vendors and solutions.
Putting Identity @ the Center of Security
The session will discuss the importance of this evolution, and how security focus areas such as SIEM, DLP, PAM, MDM, GRC, etc. can all benefit from the concept of identity. It will show how SailPoint is tackling this issue from a practical perspective across both structured and unstructured data environments, through it’s comprehensive solution set, integration capabilities and industry partnerships.
|Securosys, Marcel Dasen, Vice President of Engineering|
Marcel Dasen is Vice President of Engineering at Securosys SA. He has more than two decades of experience in the tech industry as a engineering manager, CTO and CEO. He graduated from ETH Zürich with a Masters in Computer Science.
Marcel has been responsible for the design of semiconductors and software for consumer and automotive electronics, including industry leading digital transmission protection such as DTCP, Apples MFi and Microsoft’s digital rights management.
Where are your keys?
In his talk Marcel Dasen will present different systems managing keys and corresponding vulnerabilities. He will then make the case for a hardware based keystore using a hardware security module (HSM) and show how the MS-PKI System can efficiently be secured by attaching it to an HSM.
|Tenable Network Security, Florian Hammers, Security Specialist|
Florian Hammers, Security Specialist at Tenable Network Security GmbH, works since 2008 in IT-Security.
Before he joined Tenable, he was with Kaspersky Labs, where he was responsible for designing and implementing endpoint security solutions at enterprise customers.
Re-active Vulnerability-Scanning was yesterday – The evolution of Vulnerability-Management
In this presentation you will learn how Vulnerability Management moved away from being a re-active method that merely provides snap shots of the network, towards pro-active Continuous Network Monitoring that gives you a complete picture of the network at any time and helps you avoid exploits and data leaks.
|TITUS, Craig Adams, EMEA Director|
Craig Adams leads TITUS business in Europe, the Middle East and Africa, driving revenue growth for the company and helping customers deliver value from their implementation of TITUS solutions.
Prior to joining TITUS, Craig ran HP Enterprise’s Information Governance software business in EMEA. He has an extensive background as a technology and business consultant in the Information Management space, previously working for such companies as Documentum, Open Text and Getronics. Craig regularly speaks at industry conferences and roundtables.
Tackling Insider Threats with Data Discovery and Classification
Organizations often become hung up on using technology to combat external breaches, and the insider threat doesn’t get the attention it deserves. While a great deal of time and energy must be spent on trying to stop hackers who are maliciously and intentionally trying to steal information, another big challenge for IT security departments is the threat of authorized internal users who have legitimate access to sensitive information. Being able to accurately identify the sensitivity of corporate documents so that the proper controls can be enforced is a good start in addressing insider threats. Classification can help ensure that information is accessed by only the right people.
In this session, Craig Adams will review the challenges and strategies that organizations can use to effectively manage insider threats with data discovery and classification.
|University Innsbruck, PD Dr. Michael Felderer|
PD Dr. Michael Felderer is a senior researcher at the Institute of Computer Science at the University of Innsbruck, Austria. He holds a PhD and habilitation degree in computer science. His research interests are in the areas of software and security engineering.
No Risk, No Test: Successful Security Testing with Risk-Orientation
The recent testing standard ISO/IEC/IEEE 29119 and the OWASP Testing Guide are therefore explicitly risk oriented. But for many organizations the integration of risk-based testing into an existing test process is a challenging task.
In this talk we present guidelines and experiences based on recent studies for the successful integration and application of risk-based testing.
|University Innsbruck, Dr. Thomas Trojer, Scientific Staff|
Thomas Trojer received a PhD degree in computer science from the University of Innsbruck, Austria, in 2015. He is currently associated as a post doctoral researcher with the Institute of Computer Science at the University of Innsbruck and was a visiting researcher at the Faculty of Business and IT at the University of Ontario, Canada.
His research interests are mainly in IT architecture management, data privacy and access control, electronic health record systems and model driven software development.
IT-Architecture Intelligence for Risk- and Security Analyses
In this talk we present our method and tool support to maintain a living IT-Architecture model that reflects the organization-specific assets of a company. This model can be used to perform analyses that were impossible before. Our talk targets security responsibles, enterprise architects and operations managers.
|Varonis Systems, David Lin, Country Manager|
David Lin has worked for almost a decade in the IT security sector. Whilst his career has spanned small, medium and large companies, the focus always remains on the value the customer can get out of each solution: whether it be on a security level, operational excellence or achieving usability enhancements.
How do you spot the insider threat?
2015 was a remarkable year for insider threats. It’s estimated that the average organization suffered from 3.8 insider attacks last year and 45% of businesses can’t tell if they’ve suffered a breach.
Organizations have to face the new reality that it is not a matter of if they will be breached, but when they will be breached. Attackers are already inside – either rightfully as an employee or contractor, or through legitimate but compromised credentials as an outside hacker. Their presence on a network wouldn’t necessarily look suspicious to IT, but their activity would likely appear anomalous. Still, users’ behaviour on many internal systems is rarely monitored or analyzed.
This session will review a User Behaviour Analytics methodology for connecting disparate sets of data to detect signs of a breach, arrest the actions, and recover from the incident.
Attend this session to learn:
|Vectra Networks, Günter Ollmann, Chief Security Officer
Günter Ollmann is chief security officer at Vectra. He has nearly 30 years of experience in information security in an array of cyber security consultancy and research roles.
Before joining Vectra, Günter was CTO of Domain Services at NCC Group, where he drove strategy behind the company’s generic Top Level Domain (gTLD) program. He was also CTO at security consulting firm IOActive, CTO and vice president of research at Damballa, and chief security strategist at IBM. Günter is a widely respected authority on security issues and technologies and has researched, written and published hundreds of technical papers and bylined articles.
Originally, Günter had wanted to be an architect but he lost interest after designing retaining walls during a three-month internship. After that, he qualified as a meteorologist but was lured to the dark side of forecasting Internet threats and cyber attacks. His amazing ability to see dead people stoked an interest in history and first-millennium archaeology. Günter holds a Bachelor of Sciences degree in Applied Physics and Mathematics and a Master of Sciences degree in Atmospheric Physics from the University of Auckland.
In a World of 100% Encrypted Traffic, Who Wins?
Certainly, being able to inspect the content layer makes things easier for non-obfuscated communications, but even if things are encrypted there are techniques and approaches that can separate out malicious and unwanted communications from legitimate business traffic.
|ETH Zurich, Dr. David Gugelmann|
David Gugelmann is a postdoctoral researcher at ETH Zurich. His research interests are in digital forensics, machine learning and visualization for anomaly detection, communication networks, and privacy protection. He connects these research areas primarily for the analysis of Web traffic by applying big data techniques to summarize and visualize network activities.
|University of Innsbruck, Christian Sillaber, Researcher|
Christian Sillaber is a researcher at the Institute of Computer Science at the University of Innsbruck, Austria. His research interests are in the areas of governance, risk and compliance management and security process engineering.
|Zurich University of Applied Sciences (ZHAW), Bernhard Tellenbach, Senior Lecturer of Information Security|
Bernhard Tellenbach is a senior lecturer of Information Security at the Zurich University of Applied Sciences (ZHAW) in Winterthur. He works at the Institute of Applied Information Technology (InIT) and leads his teachings in the field of information security through the course of applied research and development projects. His interests and research focuses on the protection and monitoring of communication networks as well as computer and network security in general. His other activities include security analyses and audits of information systems in banks and insurance companies. Bernhard Tellenbach is President of Swiss Cyber Storm, an organization with the aim of promoting and finding talented young people a career in information security.