Day 1 - 19 June 2019
Developing security solutions: Chair’s welcome and opening comments
Why crooks love the cloud (and what to do about it)
- What to do about it
- General overview of Security Solutions
Data integrity, from IoT to cloud
- What is Data integrity
- Why is this important
- Factors affecting Data Integrity
- Controls to assure Data integrity
Group Product Manager - Data Security
10:50AM - Day 1
Fintech & Cloud Security – Leaving the Startup-Mindset Puberty
This session is about how to implement security controls in Fintech products and services running on public cloud services, within a Fintech organization, which is on one hand, a startup-kind of organization, and on the other hand, a regulated financial institution. In this session, I will discuss the people and the professional aspects involved with applying security – both from regulatory and practical risk perspectives.
Four Key Takeaways:
1. How security controls implementation in cloud environments are working in Fintech companies in practice.
2. What are the key differences between practical risks mitigation and regulatory requirements mitigation, and where one should consider to combine them.
3. How the transition from startup-minded organization to an official financial institution should look like (at least from operational and security perspective).
4. How shared responsibility of a company and cloud service provider can be a challenge.
Manager Education ICT
Utrecht University of Applied Sciences
11:50AM - Day 1
Panel: Sharing responsibility for cloud security
- Security in the cloud is – and always has been – a two-way street defined as the vendor being responsible for security ‘of’ the cloud – software and hardware – while the customer is responsible for security ‘in’ the cloud – data, OS, identity and access management, and so forth. So why do companies still struggle?
- Which stakeholders throughout the business and beyond have to take responsibility for cloud security, and what education and training is required?
- How do consumers fit into all this?
- Discussing effective strategies for sharing this responsibility effectively from Enterprise.
Global Service Owner One Digital Workspace
12:30PM - Day 1
Migrating to the Cloud, a Next-Next-Finish Syndrome?
Dear User, we’re moving your Email to the Cloud and you’ll get additional great stuff!
How about Security? Compliance? GDPR?
Can we now stop using email?
Cloud Access Security Brokers – How Leading Organizations Protect Cloud Data
- What CASBs do and how they differ from more traditional cloud security solutions
- How CASBs help with shadow IT policies and rising employee use of cloud apps
- Combining visibility, compliance, data security and threat protection
Principal Technology Evangelist
Amazon Web Services
02:20PM - Day 1
Breaking Intrusion Kill Chains with AWS
Today, many Chief Information Security Officers and cybersecurity practitioners are looking for an effective cybersecurity strategy that will help them achieve measurably better security for their organization. One strategy that has helped many organizations accomplish this is the Intrusion Kill Chain strategy. This presentation provides background context on this framework, outlines how to mitigate attackers’ intrusion kill chains using the AWS cloud platform, and offers advice on how to measure the effectiveness of this approach.
Global Head of Cyber Detection Services
02:50PM - Day 1
Transitioning from Improvement Projects to Operational Business – how to move special projects back to your line organisation
Many companies have begun implementing Cyber Security Improvement Projects, but how do you transfer these projects, which are usually time limited and only going to recommendation & concept phases, into the day to day operational activities of a company, including roll-out, support, licence costs and people.
Senior Defense & Security Industry Analyst- Digital Transformation
Frost & Sullivan
03:20PM - Day 1
SAP Solutions Architect – Technology | Security | Archiving
03:20PM - Day 1
03:20PM - Day 1
Panel: Role of ethical hacking and penetration testing
- What role white and grey hat hackers can play in developing secure systems?
- Discussing the challenges and opportunities in this field
- Real life examples from enterprise of how pen testing and ethical hackers are improving their organisations’ cyber security.
Afternoon Keynote: Do You Know If Your Cloud Data Is Secure?
As more and more data is moving to the cloud how can you ensure your data is secure? Hear from Wasabi, the cloud storage experts, and Equinix the trusted datacenter provider about what measures are in place to provide data security and learn some best practices for securely moving your data in and out of the cloud. Learn about services which allow you to bypass the internet and setup direct connections to public clouds using software defined interconnection resulting in a fast, dynamic and secure transfer of data. Users can establish on demand virtual cloud-to-cloud connections as well as interconnect metros and regions to secure their data anywhere and anytime . There are secure solutions available for any type of organization, join us to understand your options.
IT Security Specialist
04:50PM - Day 1
Presenting the future of reporting vulnerabilities – a look into our new platform
In a time where almost every single thing is digitalized, it’s weird to consider that the results of a penetration test are often still presented in a pdf or docx format. This is not only a very static way of reporting your findings it also lacks in client interaction. At Rootsec we don’t just want to inform our clients of potential vulnerabilities we want to continuously support them.
We are therefore proud to present our newest platform which will hopefully set a new standard for the way we, IT-sec companies, report our findings. The platform, which is nameless at the time of writing, will allow customers to instantly see the state of their security based on the results of various tests.
In a 20 minute presentation Emil Pilecki, IT-security expert at Rootsec, will dive deeper into the functionalities of the platform such as a real-time support system and the dynamic solution-driven environment.
Day 2 - 20 June 2019
Director Cyber Risk Services
10:00AM - Day 2
Developing security solutions Day 2: Chair’s welcome and opening comments
Manager of Sales Engineering, Central Europe
10:20AM - Day 2
Improve your cyber resilience strategy, also take a look at email.
- Recent ransomware outbreaks have served as a wake-up call for organizations around the world to take the disruptive power of evolving threats more seriously
- Email is the easiest way for threat actors to gain access to your organization, usually through a combination of social and technological engineering.
- In this talk we will discuss the complexity of these threats and how best to deal with them.
Keynote: How to win the cybersecurity arms race
- Challenges in actually building security software
- Interactive session focused on technical and practical use
- Beating the crooks
Regional Director NEuR (Benelux & Nordics)
11:20AM - Day 2
Head of Detect & Security Innovation
12:20PM - Day 1
11:20AM - Day 2
Head of DevOps Strategy
11:20AM - Day 2
03:00PM - Day 1
Panel: Implementing DevSecOps in Enterprise
- Discussing the need for DevSecOps for your security team?
- Reconciling the goals and needs of your organisation with the ever shifting cyber security landscape.
- Barriers to security: lack of security ‘culture’ in your organisation, getting C level buy in.
- Examples of success from DevSecOps teams.
Controlling DevOps & Shadow IT
We live in a disruptive business environment in many industries. Under intensifying competitive pressure, businesses are digitizing their primary processes in an agile fashion (DevOps) and are using solutions not formally sanctioned (Shadow IT). This leaves the CIO and CISO in a challenging position to manage the risks without disrupting the business. In this session we will present opportunities to sustainably deal with these challenges, by activating the business and the use of analytics.
Keynote: Protecting the Apps, Assets and Services That Run Your Business
Hacking has proven a relatively risk-free way to obtain sensitive data and IP in recent years, with attackers able to lurk for months on networks, conducting essential surveillance and compromising the credentials they need to move laterally before launching their endgame – whatever that might be. We don’t necessarily lack visibility of what is going on in our networks but we certainly lack the ability to tell whether what is going on is something that can be trusted…or something that needs attention. This session will cover how to correctly apportion risk to network activity by focusing on managing and securing the credentials that allow access to critical assets. It will argue that it is crucial to identify what is truly necessary to secure and to implement a strategy to support this that provides a defensible ROI argument.
CBABenelux IT Tools
02:00PM - Day 2
Bringing IT Together – IT Management, Simplified
02:30PM - Day 2
Leveraging the human factor in information security
- The need for the human factor in information security
- How human nature is used to manipulate us
- Different forms of manipulation
- The value and process of educating users
Territory Manager Benelux
03:00PM - Day 2
How Pulse Secure delivers Zero Trust with evolution towards a Software Defined Perimeter
From Remote Access to Secure Access – Zero Trust – Software Defined Perimeter.
Chief Commercial Officer
03:20PM - Day 2
01:10PM - Day 1
Neutrality and Intent in Secure Communication
- The risk in smartphones
- Threat posed by tech giants and nation state actors
- ARMA G1 Secure Communicator