CONTENTS OF LECTURES 2019
The world of computer security keeps changing. To understand and to fight the attacks, we need to understand what’s happening. Mikko Hyppönen will look at the latest big hacking cases and reveal what really went on. What are the threats? Who is behind the attacks? How can they be fought?
Breakfast with Pete Finnigan - Challenges In Securing Oracle & Review The Security Of An Oracle Database
Challenges In Securing Oracle
Securing an Oracle database can be a complex task. The process often focuses on hardening and patching, but we must consider the security of the data itself as well. As customers of Oracle we are also dealing with legacy applications and code not designed with data security in mind. In this talk Pete explores the main issues that people using Oracle can face and which key areas to focus on.
Review The Security Of An Oracle Database
In this talk Pete will give a live demonstration of using custom software tools to assess the security of an Oracle database, the server supporting it and the code that runs in the database. This will be a live walk-through with advice on how to do the same for yourself on your own Oracle databases, and on how to get tools to help you secure Oracle.
Cybersecurity - Weakest link or the biggest challenge
It is widely recognised in today's digital world that information is an organisation's primary asset and also its most vulnerable one. Studies and research highlight that cybersecurity incidents occur due to a lack of awareness, which is both the weakest link and the biggest challenge. The technology landscape is distributed across the globe, increasing information risk exponentially and making the ecosystem more vulnerable to cyber-attacks. Who is responsible for this, and what can you do about it?
This lecture will provide delegates with the necessary insights into the Cybersecurity aspects for protecting information assets. It will include an overview of key considerations, a framework that can be used to shape the security approach, backed up with several case studies.
• Recognise the gaps in current analysis using a real-life incident
• Understand the key security components
• Enhance your skills to perform in the digital world
Cybersecurity for Industrial Control Systems and Cybersecurity for Crypto-economy. What is in common?
Corporate environments focus on protecting confidential data; in industrial systems, where every minute of downtime or error counts, uninterrupted operation is the ultimate priority. This is what distinguishes industrial cybersecurity from other domains. Kaspersky Industrial Cyber Security is a portfolio of technologies and services designed to secure the operational technology layers of your organization, including SCADA servers, HMIs, engineering workstations, PLCs, network connections and even engineers, without impacting operational continuity or the consistency of the technological process.
SECOND TOPIC: Everyone has heard about blockchain, but not everyone knows its real-life use cases and the dangers that may arise. Blockchain technology is becoming an integral part of business processes in large companies worldwide. Following these innovations, Kaspersky has developed the new Enterprise Blockchain Security service to mitigate the risks of attacks on blockchain applications, smart contracts and blockchain infrastructure.
DDoS-as-a-Service, case study
Email is not dead
Email is still one of the most used communication means, and also one of the most abused. Is spam the only menace, or are there other risks connected with email? How does the messaging community deal with these issues, and why does a unified approach across the Internet help reduce abuse? This session helps recipients and mailbox providers understand how to improve malmail detection, and senders will find possible answers on how to coexist as good actors within this hostile environment.
Find Me If You Can
The presentation is based on a true story about how we used social engineering and other techniques to find people we knew very little about and for whom we did not have any contact information. We visited different pubs and talked with people we did not know, we searched advertisements and different websites (but not social networks), etc. In the end, we found a lot of data that we did not have at the beginning: mobile number, e-mail, information about relatives, business information, etc. In the presentation I will also draw attention to how data that is unimportant to us can be very important to malicious people, and to the impact that new technologies such as AI (Artificial Intelligence) have on hackers' activities.
GDPR is here to stay and what are the next steps?
The author has spent the last few years implementing the GDPR regulation across Europe in some of the biggest companies and banks.
He wants to share his experience of implementing GDPR and to talk about the future of GDPR with a special focus on information security.
He also wants to share with the audience common pitfalls during implementation and to describe GDPR more as business as usual.
He will analyse information security involvement in all GDPR processes and how the DPO and the InfoSec person should work together and understand each other's needs.
The author wants to explain how to extract gaps from current and future applications and how to apply information security standards to GDPR compliance.
Questions that arise in many implementations: How to mitigate some technical risks with application controls?
What if implementing application controls is more expensive than the risk itself?
How to compensate, and how to use common sense?
Hiding in plain sight - how sophisticated attackers steal and exfiltrate your data
In this presentation, Bojan Ždrnja, CTO and penetration testing team leader at INFIGO IS, will analyse and demonstrate advanced techniques for exfiltrating data even from the most secure environments. By abusing legitimate services, Bojan will demonstrate techniques that have been observed in use by real attackers, as well as techniques developed by INFIGO during penetration testing and red team engagements. The presentation should scare you, because it scared us too!
How to optimize Identity Protection of your current IT infrastructure?
The cybersecurity level of a company is defined by its weakest link, which is usually the user. This is why user identity protection is the foundation of the cybersecurity strategy of every organization. Softline's experts can assess your organization's current identity protection posture and provide guidance on how to make it more secure by utilizing all the features and possibilities of your current infrastructure. Join our session to learn how you can raise your company's cybersecurity level on your existing infrastructure!
How to Secure OpenShift Environments and What Happens If You Don't
OpenShift by Red Hat is one of the major Platform as a Service (PaaS) solutions on the market. It is used to automatically deploy Kubernetes clusters and provides useful extensions for cluster management mixed with some magic under the hood.
Instantiating a Kubernetes cluster is often a crucial step in setting up a modern application stack. But be aware: a lot of configuration parameters await you, and several misconfigurations can lead to a compromise of the cluster. Privileged containers, masters left schedulable so that ordinary workloads execute on them, missing role-based access controls, and misconfigured service accounts are part of the problem.
In this talk, Jan will explain which configuration parameters of an OpenShift environment are critical to ensure the overall security of the deployed Kubernetes clusters. Implications of misconfigurations will be demonstrated during live demos. Finally, recommendations for a secure configuration are provided.
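A check for the misconfigurations listed above, as an added example that is not part of the talk and not code from OpenShift or Kubernetes. It walks Pod and RoleBinding objects in the shape the Kubernetes API returns them (for instance the output of `oc get pods --all-namespaces -o json`). The master taint key, the set of roles treated as "too broad", and the sample manifests at the bottom are assumptions of this example.

```python
"""Audit Pod and RoleBinding objects for the OpenShift/Kubernetes
misconfigurations named in the abstract: privileged containers, workloads
that may land on masters, the default service account with its token
mounted, and RBAC bindings that hand out broad roles.

Added example, not code from the talk or from OpenShift. Objects are in
the shape the Kubernetes API returns them (v1 Pod and
rbac.authorization.k8s.io/v1 RoleBinding / ClusterRoleBinding).
"""

# Taint key carried by control-plane nodes; assumption of this example.
MASTER_TAINT_KEY = "node-role.kubernetes.io/master"
# Roles this example treats as too broad for a workload SA or a whole group.
BROAD_ROLES = {"cluster-admin", "admin"}


def _tolerates_master(toleration):
    """True if one toleration lets the pod ignore the master taint."""
    key = toleration.get("key")
    # A toleration with no key and operator Exists matches every taint.
    if key is None and toleration.get("operator") == "Exists":
        return True
    return key == MASTER_TAINT_KEY and toleration.get("effect") in (None, "", "NoSchedule")


def audit_pod(pod):
    """Return a list of findings for one v1 Pod object; [] means clean."""
    findings = []
    name = pod.get("metadata", {}).get("name", "<unnamed>")
    spec = pod.get("spec", {})

    # 1. Privileged containers get the node's devices and capabilities.
    for c in spec.get("containers", []) + spec.get("initContainers", []):
        if c.get("securityContext", {}).get("privileged"):
            findings.append(f"{name}: container {c['name']} is privileged")

    # 2. Masters: a toleration for the master taint or a nodeSelector on the
    #    master role label lets ordinary workloads run on the control plane.
    if any(_tolerates_master(t) for t in spec.get("tolerations", [])) \
            or MASTER_TAINT_KEY in spec.get("nodeSelector", {}):
        findings.append(f"{name}: may be scheduled on master nodes")

    # 3. Default service account with an automounted token: any code in the
    #    pod can call the API with whatever rights that SA has been given.
    if spec.get("serviceAccountName", "default") == "default" \
            and spec.get("automountServiceAccountToken", True):
        findings.append(f"{name}: default service account token is automounted")
    return findings


def audit_rolebinding(binding):
    """Return findings for a (Cluster)RoleBinding that grants a broad role
    to a default service account or to an all-encompassing group."""
    findings = []
    name = binding.get("metadata", {}).get("name", "<unnamed>")
    role = binding.get("roleRef", {}).get("name", "")
    if role not in BROAD_ROLES:
        return findings
    for subject in binding.get("subjects", []):
        kind, who = subject.get("kind"), subject.get("name")
        if kind == "ServiceAccount" and who == "default":
            findings.append(f"{name}: {role} granted to default SA in "
                            f"namespace {subject.get('namespace')}")
        elif kind == "Group" and who in ("system:authenticated", "system:serviceaccounts"):
            findings.append(f"{name}: {role} granted to group {who}")
    return findings


# Constructed sample objects for offline use, not taken from a real cluster.
BAD_POD = {
    "apiVersion": "v1", "kind": "Pod",
    "metadata": {"name": "debug-shell", "namespace": "tools"},
    "spec": {
        "tolerations": [{"key": MASTER_TAINT_KEY, "operator": "Exists",
                         "effect": "NoSchedule"}],
        "containers": [{"name": "shell", "image": "busybox",
                        "securityContext": {"privileged": True}}],
    },
}
GOOD_POD = {
    "apiVersion": "v1", "kind": "Pod",
    "metadata": {"name": "web", "namespace": "shop"},
    "spec": {
        "serviceAccountName": "web-sa",
        "automountServiceAccountToken": False,
        "containers": [{"name": "web", "image": "nginx",
                        "securityContext": {"privileged": False,
                                            "allowPrivilegeEscalation": False}}],
    },
}
BAD_BINDING = {
    "apiVersion": "rbac.authorization.k8s.io/v1", "kind": "ClusterRoleBinding",
    "metadata": {"name": "everyone-is-admin"},
    "roleRef": {"kind": "ClusterRole", "name": "cluster-admin"},
    "subjects": [{"kind": "Group", "name": "system:authenticated"},
                 {"kind": "ServiceAccount", "name": "default", "namespace": "tools"}],
}

if __name__ == "__main__":
    for obj in (BAD_POD, GOOD_POD):
        print(obj["metadata"]["name"], audit_pod(obj) or ["clean"])
    print(BAD_BINDING["metadata"]["name"], audit_rolebinding(BAD_BINDING))
```

On OpenShift, whether a pod may even request `privileged` is decided by Security Context Constraints, so the same review should also list which users, groups and service accounts are bound to the `privileged` SCC; a pod that passes this audit is still only as safe as the role bindings of the service account it runs under.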
How we can protect our privacy? Information Governance and Data Protection solutions - Comply with confidence
The presentation will cover a set of solutions focused on specific privacy protection use cases to enable compliance. Micro Focus security and information management & governance software is underpinned by rich analytics to help you streamline your compliance efforts. It can automatically identify the most critical and sensitive data and protect it in use, in transit and at rest. This combination of modular solutions and deep information insight helps customers leverage data with confidence, grow the trust of their own customers, and make data privacy and GDPR-related regulation good for their business.
Importance of Unified View for All: IT, Security and Compliance
Unifying IT, security and compliance data in a single-pane-of-glass view with 2-second visibility across on-premises, endpoint, cloud(s), container, web app, API, mobile and OT/IoT environments is a fundamental need of any business interested in secure and uninterrupted growth and long-term prosperity.
People who have achieved visibility across the enterprise report the following side effects:
• Knowing what’s on your global hybrid-IT environment
• Providing a single source of truth for all your teams
• Better decision making using enriched data
• Improving your security and compliance posture
• Getting that promotion they always wanted
Introducing ISACA®’s Cybersecurity Audit Certificate Program
It’s not just the high cost to an organization in the event of a breach, but the inevitability of an attack that makes cybersecurity critical. With the increasing number of cyberthreats, it is becoming critical for the audit plan in every organization to include cybersecurity. As a result, auditors are increasingly being required to audit cybersecurity processes, policies and tools to provide assurance that their enterprise has appropriate controls in place. Vulnerabilities in cybersecurity can pose serious risks to the entire organization—making the need for IT auditors well-versed in cybersecurity audit greater than ever.
ISACA’s new Cybersecurity Audit Certificate Program provides audit/assurance professionals with the knowledge needed to excel in cybersecurity audits. It provides security professionals with an understanding of the audit process, and IT risk professionals with an understanding of cyber-related risk and mitigating controls.
Local lateral movement - new threat vector
In order to use hacking tools or malware code, hackers need to have them locally on the target, where all the known threat vectors are already worn out. This lecture will show how Microsoft's own technology can be used against the Microsoft OS for lateral movement, and ways to defend against this new threat vector.
MODERATOR (1st SECTION): Alenka Brezavšček
MODERATOR (1st SECTION): Andrej Erzetič
MODERATOR (1st SECTION): Nataša Može
MODERATOR (2nd SECTION): Borut Likar
MODERATOR (2nd SECTION): Nada Čotar
MODERATOR (3rd SECTION): Janko Šavnik
MODERATOR (3rd SECTION): Simona Habič
MODERATOR (4th SECTION): Nataša Može and Simona Habič
MODERATOR (5th SECTION): Milenko Boroja
MODERATOR (KEY-NOTE LECTURES): Borut Likar
Pentesting DevOps Environments
Containers, their orchestration platforms, and a variety of other tools from the DevOps ecosystem enable engineers to develop, deploy and operate applications with great speed and flexibility. In this presentation I will give a short, buzzword-free introduction to these technologies with a security practitioner audience in mind, and will then focus on their common security issues. We will cover containers, container orchestration platforms and network technologies.
PSD2 - Opening Banking
A brief look at the impact, technical challenges and security implications of PSD2 for banks and financial services, focusing on the Strong Customer Authentication (SCA) and open banking requirements.
Real-time traffic visualization and network modeling with Zeek
Popular network mapping tools, like nmap, provide woefully inadequate interfaces to understanding networks. Presenting textual information on a command line or on a web page is common, but it is not the only way to visualize and control networks.
This talk will introduce the IDS and analysis tool Zeek and present Nick's work on visualization and mapping of IP networks using OpenGL and D3. Nick will present an open-source real-time graphical tool and a packet analyzer that generates maps fit for print, and discuss their implications for his work at a new Security Operations Center.
We will take a look at risk and what risk means to us as individuals and as businesses. Companies are under extreme pressure, constantly struggling to keep our information safe and operations online. Just imagine: damage related to cybercrime is projected to hit $6 trillion annually by 2021, and by 2020 we expect IT analysts covering cybersecurity to be predicting five-year spending forecasts (to 2025) of well over $1 trillion.
Security compliance and security planning tips related to SWIFT CSCF version 2020
From July 2020, all SWIFT users will be obliged to carry out an independent assessment when self-attesting. The SWIFT Customer Security Controls Framework (CSCF) version 2020 introduces three new advisory controls, and two advisory controls are promoted to mandatory. Additional guidance is provided for technical and alternative implementations, including 15 clarifications relative to the previous CSCF version 2019. We will look back on experiences from CSCF compliance and security projects, especially the use of the COBIT framework in the compliance and security planning process, and at some common implementation mistakes and misunderstandings. Our control and self-assessment plan details are based on the COBIT 2019 core model and related practice.
Smart Technologies for Smart Society: Is the Cybersecurity a key enabler for the 4th Industrial Revolution?
Living at the beginning of the 21st century is the most exciting period in human history, especially from the perspective of engineers and ICT professionals. Many things change every day and many challenges need to be solved. Human civilisation has stepped into the 4th industrial revolution, named the Information Age, where data is at the centre of all business models. Digitalisation of business models and processes and the digital transformation of the whole of society are becoming part of a new lifestyle, improving our quality of life and service experience. Many applications that sounded like science fiction have become part of our everyday lives: Smart Cities, Human-Robot Collaboration, Internet of Things, Massive and Critical Machine-to-Machine communication, Artificial Intelligence, Machine Learning, Big Data, 5G, ... but adoption is still very quiet, and professionals are very concerned about pushing all these solutions into business processes. Do we have trust in new technologies? Is cybersecurity the key enabler for future implementations? Check the tech world overview with us to learn which priorities we have in this decade.
Start from threat modeling
When you are looking for the solution to a computer problem, you first look at the symptoms and work your way back to the root cause. Finding the root cause and implementing a fix that addresses it is a much more efficient way of dealing with system and software issues than simply patching over the symptom itself.
This approach does not work equally well when it comes to analyzing and designing secure systems and software: waiting for a compromise to happen, only to then work your way back to the core issue is a recipe for disaster. More generally, approaching security design with a reactive methodology is a flawed approach.
Threat modeling is a fundamental design step in building any computer system, and it helps follow secure development practices which in turn help you anticipate security issues and prevent them, instead of passively reacting to them when (not if) a security incident happens. Prevention always works better than damage control.
Unfortunately, threat modeling is an often-overlooked step, despite the numerous benefits it brings, both from a security perspective and from a financial one: understanding what your security requirements are allows you to focus on a curated list of challenges instead of spreading yourself thin, which in turn allows you to invest your budget where it really matters.
The age of Autonomous Breach Protection: Prepare, Confront and Respond to cyberthreats across the entire environment
We will be introducing Cynet 360, the solution of the Israeli company Cynet, which eliminates the need for complex, multi-product security stacks and provides reliable protection against security breaches. The solution is accessible to any organization, regardless of size and security readiness. Cynet 360 is the first autonomous breach protection platform that integrates and automates monitoring and control, attack prevention, detection and response across the complete environment. Using Cynet Sensor Fusion™ technology, it continuously analyzes all activity signals from the protected environment (user activity, process behavior and network traffic) to provide threat protection of unprecedented accuracy, along with automated remediation procedures for all core attack vectors. The main advantages also include 24/7 security services (incident response, threat hunting and risk management expertise at no extra cost).
The story behind of my favorite ATM (Arbitrary Taking Money)
Do you want to build (and maybe sell) a branch-level ATM? Or are you about to buy one for your office?
Then it is worth coming to check out this lecture.
Balazs Hambalko will show you several possibilities for how an arbitrary colleague could abuse this ATM controller system and “hopefully” bypass the log and audit mechanisms as well.
Based on a true story.
If you want to see in his video how the ATM abbreviation becomes “Arbitrary Taking Money” without bothering ourselves with such a dirty word as Authentication, then we should definitely meet.
Vendor Contingency Planning, Pulling it all together
Vendors today are a regular part of your business, intermingled with daily operations of almost every department and process. Because of regulations, industry standards and recommendations from agencies like the FFIEC (Appendix J), ISO 22301, and ISACA, companies are paying more attention to assessing the risk of vendors (and your vendor’s vendors). But is assessing the risk enough? Who in your organization is responsible for pulling it all together? Conducting a BIA and identifying where the functions and vendors are the most critical, identifying who and what exactly is impacted and actually coming up with a documented plan to continue operations without the service/product they provide? Businesses today typically have Business Continuity Plans, Disaster Recovery Plans and Crisis Management Plans but do you have specific plans in place for a critical vendor outage?
Build your security culture on the risk assessment expense
Aligning security strategy with the business risk an organization faces is known to be a challenge.
Join our presentation to hear some realistic steps for moving behaviour from mere awareness to a strong security culture that empowers the organization and gets it ready for the unexpected.
Istvan Lengyel, BANKING ASSOCIATION FOR CENTRAL AND EASTERN EUROPE
MODERATOR (CIO FORUM): Borut Likar
New EU-wide rules to kick off in 2021 for protection of whistle-blowers: Responsibility of CIOs.
SIJ Digital Transformation
Thanks to the technologies and solutions available, a huge share of business outcomes depends on IT. Transformation at a reasonable speed is impossible without investment, but the investments should be effective and manageable. We have focused on the following IT investment effectiveness factors:
• Projects should bring value to the business, and that value should be measurable and achievable
• Projects should have a clear and defined scope
• Projects should have a clear and defined budget
• Projects should have a start and an end date
Voice as The New Mobile - The biggest disruption in the IT business after the Internet and Mobile
»We are going through one of those technology shifts that come around every 10 to 15 years. We witnessed it with computers and the web in the mid-90s. More recently, there’s been a tremendous impact of mobile technology … Now we believe there is a new era, which is powered by voice, and this will have a major impact on commerce.« Giulio Montemagno (Amazon) - Amazon is not alone. Google, Facebook, Samsung, Apple and Microsoft are investing billions into voice technology. What can IT leaders do today to ensure their strong market position in the future?