Day 1 - 19 June 2019

Developing Security Solutions

Gartner predicts that over $75 billion will be spent worldwide on infrastructure protection and security services in 2019.  As cloud computing takes a forefront for both consumer and enterprise computing, development of cloud security solutions is due to make up a large proportion of that spending.  With so much data now being stored in the cloud, the need for secure infrastructure is imperative.  On Day 2, we then shift focus to discussing network security – hearing from industry professionals about their latest solutions, how they work and what results are being seen by the companies using them.

09:30AM

Peter HJ van Eijk

Board Member, Dutch Chapter

Cloud Security Alliance

Associated Talks:

09:30AM - Day 1

View Developing security solutions: Chair’s welcome and opening comments

View Full Info

Developing security solutions: Chair’s welcome and opening comments

. Peter HJ van Eijk, Board Member, Dutch Chapter, Cloud Security Alliance

09:50AM

Paul Ducklin

Senior Technologist

Sophos

Associated Talks:

10:50AM - Day 2

View Keynote: How to win the cybersecurity arms race

03:20PM - Day 2

View Panel: How artificial intelligence and blockchain are the battlegrounds for the next security wars

09:50AM - Day 1

View Why crooks love the cloud (and what to do about it)

View Full Info

Why crooks love the cloud (and what to do about it)

  • What to do about it
  • General overview of Security Solutions
. Paul Ducklin, Senior Technologist, Sophos

Cloud Security – co-hosted with Cloud Security Alliance

10:20AM

Sjoerd Hulzinga

Architect & Product Manager

KPN Security

Associated Talks:

10:20AM - Day 1

View Data integrity, from IoT to cloud

11:50AM - Day 1

View Panel: Sharing responsibility for cloud security

View Full Info

Data integrity, from IoT to cloud

  • What is Data integrity
  • Why is this important
  • Factors affecting Data Integrity
  • Controls to assure Data integrity
. Sjoerd Hulzinga, Architect & Product Manager, KPN Security

10:50AM

Nir Chervoni

Group Product Manager - Data Security

Booking.com

Associated Talks:

10:50AM - Day 1

View Fintech & Cloud Security – Leaving the Startup-Mindset Puberty

View Full Info

Fintech & Cloud Security – Leaving the Startup-Mindset Puberty

This session is about how to implement security controls in Fintech products and services running on public cloud services, within a Fintech organization, which is on one hand, a startup-kind of organization, and on the other hand, a regulated financial institution. In this session, I will discuss the people and the professional aspects involved with applying security – both from regulatory and practical risk perspectives.

Four Key Takeaways:
1. How security controls implementation in cloud environments are working in Fintech companies in practice.
2. What are the key differences between practical risks mitigation and regulatory requirements mitigation, and where one should consider to combine them.
3. How the transition from startup-minded organization to an official financial institution should look like (at least from operational and security perspective).
4. How shared responsibility of a company and cloud service provider can be a challenge.

. Nir Chervoni, Group Product Manager - Data Security, Booking.com

11:20AM

Networking Break

11:50AM

Peter HJ van Eijk

Board Member, Dutch Chapter

Cloud Security Alliance

Associated Talks:

09:30AM - Day 1

View Developing security solutions: Chair’s welcome and opening comments

View Full Info

Serge Wallagh

Manager Education ICT

Utrecht University of Applied Sciences

Associated Talks:

11:50AM - Day 1

View Panel: Sharing responsibility for cloud security

View Full Info

Richard Czech

Director of EMEA Sales

Wasabi

Associated Talks:

04:20PM - Day 1

View Afternoon Keynote: Do You Know If Your Cloud Data Is Secure?

11:50AM - Day 1

View Panel: Sharing responsibility for cloud security

View Full Info

Sjoerd Hulzinga

Architect & Product Manager

KPN Security

Associated Talks:

10:20AM - Day 1

View Data integrity, from IoT to cloud

11:50AM - Day 1

View Panel: Sharing responsibility for cloud security

View Full Info

Alex Linde

Solutions Engineer

Bitglass

Associated Talks:

11:50AM - Day 1

View Panel: Sharing responsibility for cloud security

12:50PM - Day 1

View Cloud Access Security Brokers – How Leading Organizations Protect Cloud Data

View Full Info

Panel: Sharing responsibility for cloud security

  • Security in the cloud is – and always has been – a two-way street defined as the vendor being responsible for security ‘of’ the cloud – software and hardware – while the customer is responsible for security ‘in’ the cloud – data, OS, identity and access management, and so forth. So why do companies still struggle?
  • Which stakeholders throughout the business and beyond have to take responsibility for cloud security, and what education and training is required?
  • How do consumers fit into all this?
  • Discussing effective strategies for sharing this responsibility effectively from Enterprise.
Moderator: . Peter HJ van Eijk, Board Member, Dutch Chapter, Cloud Security Alliance
. Serge Wallagh, Manager Education ICT, Utrecht University of Applied Sciences
. Richard Czech, Director of EMEA Sales, Wasabi
. Sjoerd Hulzinga, Architect & Product Manager, KPN Security
. Alex Linde, Solutions Engineer, Bitglass

12:30PM

Emiel Stroeve

Global Service Owner One Digital Workspace

Rabobank Group

Associated Talks:

12:30PM - Day 1

View Migrating to the Cloud, a Next-Next-Finish Syndrome?

View Full Info

Migrating to the Cloud, a Next-Next-Finish Syndrome?

Dear User, we’re moving your Email to the Cloud and you’ll get additional great stuff!

How about Security? Compliance? GDPR?

Can we now stop using email?

. Emiel Stroeve, Global Service Owner One Digital Workspace, Rabobank Group

12:50PM

Alex Linde

Solutions Engineer

Bitglass

Associated Talks:

11:50AM - Day 1

View Panel: Sharing responsibility for cloud security

12:50PM - Day 1

View Cloud Access Security Brokers – How Leading Organizations Protect Cloud Data

View Full Info

Cloud Access Security Brokers – How Leading Organizations Protect Cloud Data

  • What CASBs do and how they differ from more traditional cloud security solutions
  • How CASBs help with shadow IT policies and rising employee use of cloud apps
  • Combining visibility, compliance, data security and threat protection
. Alex Linde, Solutions Engineer, Bitglass

01:20PM

Networking Break

Threat Detection & Response

02:20PM

Orlando Scott-Cowley

Principal Technology Evangelist

Amazon Web Services

Associated Talks:

02:20PM - Day 1

View Breaking Intrusion Kill Chains with AWS

View Full Info

Breaking Intrusion Kill Chains with AWS

Today, many Chief Information Security Officers and cybersecurity practitioners are looking for an effective cybersecurity strategy that will help them achieve measurably better security for their organization. One strategy that has helped many organizations accomplish this is the Intrusion Kill Chain strategy. This presentation provides background context on this framework, outlines how to mitigate attackers’ intrusion kill chains using the AWS cloud platform, and offers advice on how to measure the effectiveness of this approach.

. Orlando Scott-Cowley, Principal Technology Evangelist, Amazon Web Services

02:50PM

Simon Bradley

Global Head of Cyber Detection Services

Siemens

Associated Talks:

02:50PM - Day 1

View Transitioning from Improvement Projects to Operational Business – how to move special projects back to your line organisation

View Full Info

Transitioning from Improvement Projects to Operational Business – how to move special projects back to your line organisation

Many companies have begun implementing Cyber Security Improvement Projects, but how do you transfer these projects, which are usually time limited and only going to recommendation & concept phases, into the day to day operational activities of a company, including roll-out, support, licence costs and people.

. Simon Bradley, Global Head of Cyber Detection Services, Siemens

03:20PM

Alix Leboulanger

Senior Defense & Security Industry Analyst- Digital Transformation

Frost & Sullivan

View Full Info

Jean-Marc Boschian

CISO

ABB

Associated Talks:

03:20PM - Day 1

View Panel: Role of ethical hacking and penetration testing

View Full Info

Suyash Shrivastava

SAP Solutions Architect – Technology | Security | Archiving

Maersk

Associated Talks:

03:20PM - Day 1

View Panel: Role of ethical hacking and penetration testing

View Full Info

Lars Putteneers

Sales Engineer

Sophos

Associated Talks:

03:20PM - Day 1

View Panel: Role of ethical hacking and penetration testing

View Full Info

Panel: Role of ethical hacking and penetration testing

  • What role white and grey hat hackers can play in developing secure systems?
  • Discussing the challenges and opportunities in this field
  • Real life examples from enterprise of how pen testing and ethical hackers are improving their organisations’ cyber security.
Moderator: . Alix Leboulanger, Senior Defense & Security Industry Analyst- Digital Transformation, Frost & Sullivan
. Jean-Marc Boschian, CISO, ABB
. Suyash Shrivastava, SAP Solutions Architect – Technology | Security | Archiving, Maersk
. Lars Putteneers, Sales Engineer, Sophos

04:00PM

Network Break

04:20PM

Art de Blaauw

Director Technology & Innovation

Equinix Managed Services

Associated Talks:

04:20PM - Day 1

View Afternoon Keynote: Do You Know If Your Cloud Data Is Secure?

View Full Info

Richard Czech

Director of EMEA Sales

Wasabi

Associated Talks:

04:20PM - Day 1

View Afternoon Keynote: Do You Know If Your Cloud Data Is Secure?

11:50AM - Day 1

View Panel: Sharing responsibility for cloud security

View Full Info

Afternoon Keynote: Do You Know If Your Cloud Data Is Secure?

As more and more data is moving to the cloud how can you ensure your data is secure? Hear from Wasabi, the cloud storage experts, and Equinix the trusted datacenter provider about what measures are in place to provide data security and learn some best practices for securely moving your data in and out of the cloud. Learn about services which allow you to bypass the internet and setup direct connections to public clouds using software defined interconnection resulting in a fast, dynamic and secure transfer of data.  Users can establish on demand virtual cloud-to-cloud connections as well as interconnect metros and regions to secure their data anywhere and anytime .  There are secure solutions available for any type of organization, join us to understand your options.

. Art de Blaauw, Director Technology & Innovation , Equinix Managed Services
. Richard Czech, Director of EMEA Sales, Wasabi

04:50PM

Emil Pilecki

IT Security Specialist

Rootsec

Associated Talks:

04:50PM - Day 1

View Presenting the future of reporting vulnerabilities – a look into our new platform

View Full Info

Presenting the future of reporting vulnerabilities – a look into our new platform

In a time where almost every single thing is digitalized, it’s weird to consider that the results of a penetration test are often still presented in a pdf or docx format. This is not only a very static way of reporting your findings it also lacks in client interaction. At Rootsec we don’t just want to inform our clients of potential vulnerabilities we want to continuously support them.

We are therefore proud to present our newest platform which will hopefully set a new standard for the way we, IT-sec companies, report our findings. The platform, which is nameless at the time of writing, will allow customers to instantly see the state of their security based on the results of various tests.

In a 20 minute presentation Emil Pilecki, IT-security expert at Rootsec, will dive deeper into the functionalities of the platform such as a real-time support system and the dynamic solution-driven environment.

. Emil Pilecki, IT Security Specialist, Rootsec

05:10PM

Session Close

Networking Party – 6pm – The Beach Bar, Strandzuid @ RAI

An evening of networking on Wednesday 19 June from 6pm. Access for Ultimate, Gold & Expo Plus holders in addition to speakers, sponsors, press and exhibitors. Taking place at The Beach Bar, this lakeside spot is surrounded by trees and located just a few minutes walk from the expo venue.  Join us for drinks and networking opportunities.

Day 2 - 20 June 2019

10:00AM

Jelle Niemantsverdriet

Director Cyber Risk Services

Deloitte

Associated Talks:

10:00AM - Day 2

View Developing security solutions Day 2: Chair’s welcome and opening comments

View Full Info

Developing security solutions Day 2: Chair’s welcome and opening comments

. Jelle Niemantsverdriet, Director Cyber Risk Services, Deloitte

Network Security

10:20AM

Sander Hofman

Manager of Sales Engineering, Central Europe

Mimecast

Associated Talks:

10:20AM - Day 2

View Improve your cyber resilience strategy, also take a look at email.

View Full Info

Improve your cyber resilience strategy, also take a look at email.

  • Recent ransomware outbreaks have served as a wake-up call for organizations around the world to take the disruptive power of evolving threats more seriously
  • Email is the easiest way for threat actors to gain access to your organization, usually through a combination of social and technological engineering.
  • In this talk we will discuss the complexity of these threats and how best to deal with them.
. Sander Hofman, Manager of Sales Engineering, Central Europe, Mimecast

10:50AM

Paul Ducklin

Senior Technologist

Sophos

Associated Talks:

10:50AM - Day 2

View Keynote: How to win the cybersecurity arms race

03:20PM - Day 2

View Panel: How artificial intelligence and blockchain are the battlegrounds for the next security wars

09:50AM - Day 1

View Why crooks love the cloud (and what to do about it)

View Full Info

Keynote: How to win the cybersecurity arms race

  • Challenges in actually building security software
  • Interactive session focused on technical and practical use
  • Beating the crooks
. Paul Ducklin, Senior Technologist, Sophos

11:20AM

Martijn Sprengers

Information Security Advisor

KPMG Nederland

Associated Talks:

12:00PM - Day 2

View Controlling DevOps & Shadow IT

View Full Info

Gregg Gerber

Regional Director NEuR (Benelux & Nordics)

Symantec

Associated Talks:

11:20AM - Day 2

View Panel: Implementing DevSecOps in Enterprise

View Full Info

Jon Hawes

Head of Detect & Security Innovation

Photobox Group

Associated Talks:

12:20PM - Day 1

View Measuring the effectiveness of AI for security operations

11:20AM - Day 2

View Panel: Implementing DevSecOps in Enterprise

View Full Info

David Higgins

EMEA Technical Director

CyberArk

Associated Talks:

01:30PM - Day 2

View Keynote: Protecting the Apps, Assets and Services That Run Your Business

11:20AM - Day 2

View Panel: Implementing DevSecOps in Enterprise

10:50AM - Day 1

View Panel: The evolution of cloud for enterprise cybersecurity

10:20AM - Day 1

View Keynote: Why Privileged Access Management (PAM) Is A Digital Transformation Essential

View Full Info

Matthieu Fronton

Head of DevOps Strategy

La Poste

Associated Talks:

11:20AM - Day 2

View Panel: Implementing DevSecOps in Enterprise

03:00PM - Day 1

View Purposely misusing Hashicorp’s Vault to create an encrypted cache

View Full Info

Panel: Implementing DevSecOps in Enterprise

  • Discussing the need for DevSecOps for your security team?
  • Reconciling the goals and needs of your organisation with the ever shifting cyber security landscape.
  • Barriers to security: lack of security ‘culture’ in your organisation, getting C level buy in.
  • Examples of success from DevSecOps teams.
Moderator: . Martijn Sprengers, Information Security Advisor, KPMG Nederland
. Gregg Gerber, Regional Director NEuR (Benelux & Nordics), Symantec
. Jon Hawes, Head of Detect & Security Innovation, Photobox Group
. David Higgins, EMEA Technical Director , CyberArk
. Matthieu Fronton, Head of DevOps Strategy, La Poste

12:00PM

Ruud Couwenberg

Cyber Security Consultant

KPMG Nederland

Associated Talks:

12:00PM - Day 2

View Controlling DevOps & Shadow IT

View Full Info

Martijn Sprengers

Information Security Advisor

KPMG Nederland

Associated Talks:

12:00PM - Day 2

View Controlling DevOps & Shadow IT

View Full Info

Controlling DevOps & Shadow IT

We live in a disruptive business environment in many industries.  Under intensifying competitive pressure, businesses are digitizing their primary processes in an agile fashion (DevOps) and are using solutions not formally sanctioned (Shadow IT).  This leaves the CIO and CISO in a challenging position to manage the risks without disrupting the business.  In this session we will present opportunities to sustainably deal with these challenges, by activating the business and the use of analytics.

. Ruud Couwenberg, Cyber Security Consultant, KPMG Nederland
. Martijn Sprengers, Information Security Advisor, KPMG Nederland

12:30PM

Networking Break

01:30PM

David Higgins

EMEA Technical Director

CyberArk

Associated Talks:

01:30PM - Day 2

View Keynote: Protecting the Apps, Assets and Services That Run Your Business

11:20AM - Day 2

View Panel: Implementing DevSecOps in Enterprise

10:50AM - Day 1

View Panel: The evolution of cloud for enterprise cybersecurity

10:20AM - Day 1

View Keynote: Why Privileged Access Management (PAM) Is A Digital Transformation Essential

View Full Info

Keynote: Protecting the Apps, Assets and Services That Run Your Business

Hacking has proven a relatively risk-free way to obtain sensitive data and IP in recent years, with attackers able to lurk for months on networks, conducting essential surveillance and compromising the credentials they need to move laterally before launching their endgame – whatever that might be. We don’t necessarily lack visibility of what is going on in our networks but we certainly lack the ability to tell whether what is going on is something that can be trusted…or something that needs attention. This session will cover how to correctly apportion risk to network activity by focusing on managing and securing the credentials that allow access to critical assets. It will argue that it is crucial to identify what is truly necessary to secure and to implement a strategy to support this that provides a defensible ROI argument.

. David Higgins, EMEA Technical Director , CyberArk

02:00PM

Andre Schelleman

CEO

CBABenelux IT Tools

Associated Talks:

02:00PM - Day 2

View Bringing IT Together – IT Management, Simplified

View Full Info

Bringing IT Together – IT Management, Simplified

. Andre Schelleman, CEO, CBABenelux IT Tools

02:30PM

Jelle Wieringa

Technical Evangelist

KnowBe4

Associated Talks:

02:30PM - Day 2

View Leveraging the human factor in information security

View Full Info

Leveraging the human factor in information security

  • The need for the human factor in information security
  • How human nature is used to manipulate us
  • Different forms of manipulation
  • The value and process of educating users
. Jelle Wieringa, Technical Evangelist, KnowBe4

03:00PM

Bert Lutz

Territory Manager Benelux

Pulse Secure

Associated Talks:

03:00PM - Day 2

View How Pulse Secure delivers Zero Trust with evolution towards a Software Defined Perimeter

View Full Info

How Pulse Secure delivers Zero Trust with evolution towards a Software Defined Perimeter

From Remote Access to Secure Access – Zero Trust – Software Defined Perimeter.

. Bert Lutz, Territory Manager Benelux, Pulse Secure

03:20PM

Koen Lockefeer

Chief Commercial Officer

ARMA Instruments

Associated Talks:

03:20PM - Day 2

View Neutrality and Intent in Secure Communication

01:10PM - Day 1

View Neutrality and Intent in Secure Communication

View Full Info

Neutrality and Intent in Secure Communication

  • The risk in smartphones
  • Threat posed by tech giants and nation state actors
  • ARMA G1 Secure Communicator
. Koen Lockefeer, Chief Commercial Officer , ARMA Instruments

03:30PM

Session Close