SIGS Special Event – Why commercialization of Cybercrime requires a Next-Gen Defense
|Target Audience||Information Security Professionals
CIO’s, CISO, IT Manager, Security Officer, Security Architects and Engineers – all from end customer side who are interested in IT Security
From Consultancies and Resellers/Integrators are only technical peoples allowed to take part. Vendors and people with a Sales/Marketing role are not authorized as participants.
|CPE Credits||Earn 4.25 CPE (Continuing Professional Education) for attending this SIGS Afterwork Event. Please request a confirmation.|
|Location||Hilton Zurich Airport Hotel
There are a lot of free park places available.
|Date of Event||31st of May 2017|
|Language||English, if non-German speaking people will attend, otherwise German|
|Schedule||see agenda below|
|Participation Costs||Fr. 55.— per participants
Organization, presentations, beverages and aperitif included
|2:00 – 2:30||Registration & Coffee|
|2:30 – 2:30||Welcome & Introduction by the moderator|
|2:30 – 3:15||lic. jur. Stephan Walder, stv. Leitender Staatsanwalt, Kanton Zürich, Direktion der Justiz des Innern, Staatsanwaltschaft II, Kompetenzzentrum Cybercrime
Cybercrime Strafverfolgung: Möglichkeiten und Grenzen (Präsentation in Deutsch)
Derzeit ist ein Trend zu Deliktskomplexen feststellbar, die einzig auf unrechtmässige Bereicherung ausgerichtet sind, wie bspw. die Phänomene Phishing, Ransomeware und praktisch alle Formen von Fraud, während sog. Skript-Kiddies und reine Hacktivists eher selten geworden sind. Es hat sich eine regelrechte Schattenwirtschaft gebildet, wo sich dienstleistende Täterschaften austauschen und organisieren. Diese Kooperationen funktionieren bestens, sind zum gegenseitigen Schutz anonym und generieren sehr hohe Schadenssummen. Um diese Täterschaften zu identifizieren und zu lokalisieren sind neben Know-How und genügenden Ressourcen das ganze Spektrum von strafprozessualen Zwangsmassnahmen nötig, namentlich geheime Überwachungsmassnahmen und verdeckte Ermittlungen/Fahndungen. Wenn auch im Gegensatz zu gewissen TV-Serien nicht in jedem Fall ein Treffer resultiert und stets auch eine Portion Glück willkommen ist, gelingt es mit entsprechendem Herzblut und einem erfahrenen, interdisziplinären Team regelmässig, eine Täterschaft aus dem vermeintlich “rechtsfreien” virtuellen Raum hinaus zu reissen und einem sehr realen Strafprozess zuzuführen.
|3:15 – 4:00||Gaetan van Diemen, Product Manager Cyber Threat Intelligence at Fox-IT
Evolution of the threat landscape – behind the scene
This presentation will provide an overview on the whys and wherefores of the ongoing cat-and-mouse game between criminals and security experts.
|4:00 – 4:30||Jörg von der Heydt, Channel Director DACH, Skybox Security
Commercialization of Crimeware Demands a New, Threat-Centric Approach to Vulnerability Management
In recent years, cybercriminals have organized, automated and outsourced fraud techniques, resulting in an increase in commercial packages of complex threats. This productization of cybercrime is making it harder for organizations to keep up: the tools that overworked security teams rely on to discover and mitigate vulnerabilities don’t match the exploit tactics used by the criminals. So, what is the best approach in light of this dynamic threat landscape? How should security leaders stand up to the growing threat of industrialized cybercrime?
According to a 2016 Gartner report*, most organizations today follow a policy of “gradual risk reduction, with vulnerability and patch management policies focused on mitigating and patching a percentage of vulnerabilities in a given time frame.” For example, many vulnerability management programs use CVSS scores that are based on “low, medium, high and critical” risk values, often with thousands of vulnerabilities rated as “critical” that need to be remediated right away. This approach is ineffective because it turns vulnerability management into a game of chance, where risk is disconnected from what is truly being exploited in the wild or the context of the organization’s network.
Recent reports show that the majority of successful breaches are executed by threat actors that use and re-use a subset of old vulnerabilities whose exploits are being commercially exchanged in the “Dark Web.” By identifying these vulnerabilities — those for which exploits exist in the wild and are being used in attacks —and combining this information with CVSS scores and contextual intelligence of an organization’s IT environment, security leaders can change the game. They gain a true understanding of not only the potential impact and severity of a vulnerability but also the probability of exploitation. This threat-centric vulnerability management augments gradual risk reduction by considering multiple factors inside and outside the organization. It’s a new approach to vulnerability management that requires comprehensive understanding of an organization’s attack surface combined with the prioritization of vulnerabilities by potential, imminent and actual threat levels. Using this approach, security leaders gain the advantage of integrated intelligence, including what vulnerabilities are truly being targeted by adversaries and threat actors in the wild.
When you leave, you will understand:
|4:30 – 5:00||Break|
|5:00 – 5:30||Dr. Christopher Brennan, Regional Director DACH at Skybox Security
Adaptive Security Through Complete Attack Surface Visibility – How changes in Business and Technology signal the need for security to change
Today’s security landscape is being influenced by three key drivers: Changing business approaches, evolving technology and impact of a breach.
With this in mind, how do security leaders ensure their protections can handle the changes in business and technology, which are increasing the size and complexity of the attack surface, as well as the reality and potential impact of a breach?
Discuss questions such as:
|5:30 – 6:00||Oren Arar, Regional Director EMEA at OWL Cybersecurity
Cybercrimes Marketplaces – Darknet-led Threat Intelligence (DARKINT)
On this presentation, I’ll share best-practices on how to use DARKINT as part of a threat intelligence feed, give real-life examples of threats and what can be found on the darknet and discuss how monitoring the darknet can improve an organization’s defense strategy.
|6:00 – 6:30||Panel Discussion moderated|
|6:30 – open end||Apéro Riche & Networking
The speakers will be onsite for Q&A
The Sponsor of this event is:
This is a ‘must attend’ event for all security professionals! We are confident that the relationships you develop here will prove to be crucial to your continuing success.
With the registration for this event you accept, that SIGS may use the data entered for its own purposes and may share it with its event partners and event sponsors of this specific platform.