SEMAFOR – Security, Management and Audit Forum that is jointly organized by ISSA Poland, ISACA Warsaw Chapter and Computerworld magazine polish edition. It is one of the most important information security and IT audit focused events in Poland. In 2016 we hosted 350 participants, 18 exhibitors and 22 conference partners. During conference there were 35 presentation.SEMAFOR is an ideal place to get information about latest security threats and interesting case studies, gather experience and new contacts among IT security environment.
An employee of one of the telecom operators, works voluntarily in ISSA Polish Chapter as a Board of Directors Secretary. Has over 10 years experience in various security domains, mostly working to secure telco networks. She is a strong belierver in awareness campaigns and plikes to work with enduser. A holder of CISSP and CEH certificates
IT security consultant, operational auditor and big data analysis expert for large companies and financial institutions in Poland and UK. He worked for one of Big4 consulting agencies as IT and IT security audtior. Graduated from Insitute of Cimputer Science of Warsaw University. Holds CISA, CISM and CIA certificates. Program Director of ISACA Warsaw Chapter
Analityk, konsultant IT i bezpieczeństwa informacji z kilkuletnim doświadczeniem. Zainteresowany bezpieczeństwem informacji od strony technologii i otwarty na nowe wyzwania. Posiadający certyfikaty CISSP i CISA, jak również certyfikaty technologiczne (RedHat RHCSA, Oracle Database 11g Administrator Certified Associate i inne). Członek zarządu i EduChair ISACA Warsaw Chapter.
Wcześniej zdobywał doświadczenie w AXA Polska na podobnym stanowisku, był architektem odpowiedzialnym za rozwiązania bezpieczeństwa informacji u wiodącego polskiego integratora, analitykiem ds. bezpieczeństwa informacji w czołowym holenderskim banku, a także konsultantem w dziale zarządzania ryzykiem wiodącej firmy doradczej. Specjalizuje się w zagadnieniach związanych z zarządzaniem bezpieczeństwem informacji i bankowością elektroniczną. Członek zarządu w stowarzyszeniu ISSA Polska odpowiedzialny za współpracę medialną oraz organizację konferencji. Absolwent Wydziału Elektroniki i Technik Informacyjnych Politechniki Warszawskiej, uzyskał certyfikaty CISA, CISM, CRISC, CISSP, MCSA, Prince2.
Został uhonorowany przez ISSA International nagrodą Volunteer of the year 2014, min za prace w radzie programowej Semafor.
Leader of Ernst & Young Advanced Security Center team - competency centerfor technical IT security services in Central Eastern Europe Region. Michał graduated from lectronics and Information Technology Fauculty in Warsaw University of Technology. He has a vast experience in IT audits and pentests. Before joining EY team in 2002, he was network developer in Alcatel, introduced ebanking solutions in Bank Handlowy. Michał is member of ISSA, ISACA and OWASP polish chapters and SANS Institute mentor for internet application security. Holder of certificates * CISM (Certified Information Security Manager), * CISSP (Certified Information Systems Security Professional), * CISA (Certified Information Systems Auditor), * LPT (Licensed Penetration Tester), * CEH (Certified Ethical Hacker), * GWAPT (GIAC Web Application Penetration Tester), * CRISC (Certified in Risk and Information Systems Control), * CCSP (Cisco Certified Security Professional), * CCSA (Check Point Security Administrator), * GSSP-JAVA (GIAC Secure Software Programmer – JAVA) * ECSA (Certified Security Analyst), * PMP (Project Management Professional), * CIA (Certified Internal Auditor), * Information Systems Security (INFOSEC) Professional, * GAWN (GIAC Auditing Wireless Networks Certified Professional), * CCNA (Cisco Certified Network Associate), * Cisco Firewall Specialist, * Cisco IDS Specialist, * Cisco VPN Specialist, * PRINCE2 Foundation,
Security consulant with over 10 years of experience. Business partner in SecuRing, consulting company in IT security field, existing on market for 11 years. Wojciech was responsible for many projects in vrious fields of audit, security test of system and applications, mostly for well known companies in financial and public sector. He is well-recognized as speaker of many security events and conferences of IT security area. Holder of title of Leading Auditor of information security mangement systems. From 2011 Wojciech is lead of OWASP polish chapter
Works for Citi for over 10 years, beginning from joining IT risk management EMEA team. His experience in IT risk management developed with responsibilities of risk managemetn for different EMEA IT Infrastrucutre and DataCenter teams. Joing Citi Handlowy and leading project in vendor management and outsourcing was a next step. From 2013 to 2016, Tomasz was Head of Risk Management team in Citi Service Center in Poland, with responsibilities of every aspect of operational risks and controls for over 4000 employees of CSC Poland
From beginning of 2012 Head of Strategy and IT Management in PZU group. Graduate of Technology Military Academy in Warsaw and MBA at SGH. In 1997-1999 responsible for visualisation of polish airspace situation. From 1999 he gathered exprience in different financial instututions like Band Handlowy (1999-2001), Inteligo Financial Services (2001-2005), EFG Eurobank Ergasias (2005-2008), FM Bank (2008-2009) and Raiffeisen Bank Polska SA (2009-2012). In this time, he excelled in creation and maintaining effective IT team, creation of IT strategy, operational management, introducing IT Governance as well as inforamtion and IT security. He has a vast knowledge in areas of AQAP, ISMS and QMS. He is a leading auditor in ISO 27001, ISO 222301, ISO 9001. Silver Mamager of ISACA and Senior Member of ISSA polish chapters. He is an author oge many publications regarind information security. For many years member of program boards in 600 Executives IT, European Cybersecurity, Semafor
Adam works as Head of Security Department in electronic paymanent industry. Adam worked for ABN AMRO, Royal Bank of Scotland, insurance companies (Winterthur, Credit Suisse Life & Pensions, ING NN) He has a vast experience and knowledge in risk management and BCP and also is intrested in fileds of data privacy, security standards for payment industires (PCI DSS, PA DSS, PCI PIN securitym P2PE), risk and information security management. Holder of CISSP, CISA, CISM, CRISC, CTGA, ITIL Foundation, certificates and leading auditor for ISO 27001, BS25999, ISO 20000.
Responsible for Information Security Management System (ISO27001) and DLP systems.
Memeber of anti-eavesdropping team. ISO 27001 internal auditor, CISA, CISM holder.
Over 10 years of experience in IT and information security (ISO27001, DLP, SIEM, risk analysis).
Board Member (CSX Coordinator and Webmaster) ISACA Warsaw Chapter.
Adam works as Head of Security Department in electronic paymanent industry. Adam worked for ABN AMRO, Royal Bank of Scotland, insurance companies (Winterthur, Credit Suisse Life & Pensions, ING NN) He has a vast experience and knowledge in risk management and BCP and also is intrested in fileds of data privacy, security standards for payment industires (PCI DSS, PA DSS, PCI PIN securitym P2PE), risk and information security management. Holder of CISSP, CISA, CISM, CRISC, CTGA, ITIL Foundation, certificates and leading auditor for ISO 27001, BS25999, ISO 20000.
Security consulant with over 10 years of experience. Business partner in SecuRing, consulting company in IT security field, existing on market for 11 years. Wojciech was responsible for many projects in vrious fields of audit, security test of system and applications, mostly for well known companies in financial and public sector. He is well-recognized as speaker of many security events and conferences of IT security area. Holder of title of Leading Auditor of information security mangement systems. From 2011 Wojciech is lead of OWASP polish chapter
Works for Citi for over 10 years, beginning from joining IT risk management EMEA team. His experience in IT risk management developed with responsibilities of risk managemetn for different EMEA IT Infrastrucutre and DataCenter teams. Joing Citi Handlowy and leading project in vendor management and outsourcing was a next step. From 2013 to 2016, Tomasz was Head of Risk Management team in Citi Service Center in Poland, with responsibilities of every aspect of operational risks and controls for over 4000 employees of CSC Poland
An employee of one of the telecom operators, works voluntarily in ISSA Polish Chapter as a Board of Directors Secretary. Has over 10 years experience in various security domains, mostly working to secure telco networks. She is a strong belierver in awareness campaigns and plikes to work with enduser. A holder of CISSP and CEH certificates
Leader of Ernst & Young Advanced Security Center team - competency centerfor technical IT security services in Central Eastern Europe Region. Michał graduated from lectronics and Information Technology Fauculty in Warsaw University of Technology. He has a vast experience in IT audits and pentests. Before joining EY team in 2002, he was network developer in Alcatel, introduced ebanking solutions in Bank Handlowy. Michał is member of ISSA, ISACA and OWASP polish chapters and SANS Institute mentor for internet application security. Holder of certificates * CISM (Certified Information Security Manager), * CISSP (Certified Information Systems Security Professional), * CISA (Certified Information Systems Auditor), * LPT (Licensed Penetration Tester), * CEH (Certified Ethical Hacker), * GWAPT (GIAC Web Application Penetration Tester), * CRISC (Certified in Risk and Information Systems Control), * CCSP (Cisco Certified Security Professional), * CCSA (Check Point Security Administrator), * GSSP-JAVA (GIAC Secure Software Programmer – JAVA) * ECSA (Certified Security Analyst), * PMP (Project Management Professional), * CIA (Certified Internal Auditor), * Information Systems Security (INFOSEC) Professional, * GAWN (GIAC Auditing Wireless Networks Certified Professional), * CCNA (Cisco Certified Network Associate), * Cisco Firewall Specialist, * Cisco IDS Specialist, * Cisco VPN Specialist, * PRINCE2 Foundation,
Responsible for Information Security Management System (ISO27001) and DLP systems.
Memeber of anti-eavesdropping team. ISO 27001 internal auditor, CISA, CISM holder.
Over 10 years of experience in IT and information security (ISO27001, DLP, SIEM, risk analysis).
Board Member (CSX Coordinator and Webmaster) ISACA Warsaw Chapter.
IT security consultant, operational auditor and big data analysis expert for large companies and financial institutions in Poland and UK. He worked for one of Big4 consulting agencies as IT and IT security audtior. Graduated from Insitute of Cimputer Science of Warsaw University. Holds CISA, CISM and CIA certificates. Program Director of ISACA Warsaw Chapter
Wcześniej zdobywał doświadczenie w AXA Polska na podobnym stanowisku, był architektem odpowiedzialnym za rozwiązania bezpieczeństwa informacji u wiodącego polskiego integratora, analitykiem ds. bezpieczeństwa informacji w czołowym holenderskim banku, a także konsultantem w dziale zarządzania ryzykiem wiodącej firmy doradczej. Specjalizuje się w zagadnieniach związanych z zarządzaniem bezpieczeństwem informacji i bankowością elektroniczną. Członek zarządu w stowarzyszeniu ISSA Polska odpowiedzialny za współpracę medialną oraz organizację konferencji. Absolwent Wydziału Elektroniki i Technik Informacyjnych Politechniki Warszawskiej, uzyskał certyfikaty CISA, CISM, CRISC, CISSP, MCSA, Prince2.
Został uhonorowany przez ISSA International nagrodą Volunteer of the year 2014, min za prace w radzie programowej Semafor.
From beginning of 2012 Head of Strategy and IT Management in PZU group. Graduate of Technology Military Academy in Warsaw and MBA at SGH. In 1997-1999 responsible for visualisation of polish airspace situation. From 1999 he gathered exprience in different financial instututions like Band Handlowy (1999-2001), Inteligo Financial Services (2001-2005), EFG Eurobank Ergasias (2005-2008), FM Bank (2008-2009) and Raiffeisen Bank Polska SA (2009-2012). In this time, he excelled in creation and maintaining effective IT team, creation of IT strategy, operational management, introducing IT Governance as well as inforamtion and IT security. He has a vast knowledge in areas of AQAP, ISMS and QMS. He is a leading auditor in ISO 27001, ISO 222301, ISO 9001. Silver Mamager of ISACA and Senior Member of ISSA polish chapters. He is an author oge many publications regarind information security. For many years member of program boards in 600 Executives IT, European Cybersecurity, Semafor
Analityk, konsultant IT i bezpieczeństwa informacji z kilkuletnim doświadczeniem. Zainteresowany bezpieczeństwem informacji od strony technologii i otwarty na nowe wyzwania. Posiadający certyfikaty CISSP i CISA, jak również certyfikaty technologiczne (RedHat RHCSA, Oracle Database 11g Administrator Certified Associate i inne). Członek zarządu i EduChair ISACA Warsaw Chapter.
Our event will be divided into three tracks:
Program Board does not define any details of any speech. Subject of proposed speech should fit in one or more of main subjects. We encourage you to make speeches about practical subjects e.g. case studies, live demos, best and worst practices. All presentations are planned to be open i.e. there will be possibility for discussions either during Q&A or during a break.
To become a speaker send your presentation title and short description to: [email protected]
Fortinet chroni największe przedsiębiorstwa, dostawców usług i podmioty administracji publicznej na całym świecie. Klienci Fortinet objęci są pełną i inteligentną ochroną w dobie zwiększającej się sfery zagrożeń i stale rosnących oczekiwań wobec wydajności rozszerzających się sieci. Architektura Fortinet Security Fabric zapewnia skuteczne zabezpieczenia, odpowiadające na kluczowe wyzwania bezpieczeństwa środowisk sieciowych, aplikacji, chmury oraz urządzeń mobilnych. Fortinet jest liderem pod względem liczby urządzeń zabezpieczających sprzedanych na całym świecie. Rozwiązania firmy chronią działalność już ponad 425 tys. klientów.
Więcej informacji na www.fortinet.com, Fortinet Blog oraz FortiGuardLabs.
Specjalnie zbudowany i gotowy do ochrony, Forcepoint kieruje się zrozumieniem ludzkich zachowań i intencji. Nasza innowacyjna technologia, wieloletnie doświadczenie i przejrzysta wizja pomagają rozwiązywać krytyczne problemy związane z bezpieczeństwem w celu ochrony pracowników, danych biznesowych i własności intelektualnej.
Oferujemy ukierunkowane na system podejście do wykrywania i analizy zagrożeń wewnętrznych, ochrony użytkowników i aplikacji w chmurze, ochrony sieci następnej generacji, bezpieczeństwa danych i widoczności systemów. To nowe podejście do cyberbezpieczeństwa, jakiego jeszcze nie było. W miarę ewolucji technologii i potrzeb użytkowników nieustannie dążymy do poszerzania naszej oferty, pozostając wiernym naszemu kluczowemu zagadnieniu w zakresie ochrony The Human Point.
Dzięki naszemu 20-letniemu doświadczeniu, proaktywnym i opartym na kontekście technologiom oraz skoncentrowanym na danych, zintegrowanym rozwiązaniom, Forcepoint umożliwia podejmowanie lepszych decyzji.
Verint, the global leader in Actionable Intelligence® solutions, is transforming the way organizations detect complex cyber threats across the attack chain. Verint Threat Protection System is the first unified, intelligence-driven platform that reveals the full attack storyline and revolutionizes the way cyber analysts work. Created by and for security analysts, Verint Threat Protection System automates cyber investigations to accelerate the path from detection to response, helping security analysts at every tier become more productive and effective, overall reducing the costs of running security operations. With Verint’s unique, multi-dimensional approach to detection and proactive forensics, organizations can be more confident in their ability to detect and stop breaches fast.
Eximo Project is specialised in integrating IT systems and designing network infrastructure. The Company offers solutions developed on the basis of the highest standards applied on the new technology market.
Eximo Project is also the manufacturer of F5Wizard software intended for monitoring IT infrastructure and management control, dedicated for both administrators and management staff.
Eximo Project offers outsourcing and consulting services, including complex IT surveillance and IT system security audits. The Company provides the technical support service called Service Desk for medium-sized and large businesses. Thanks to the modern Call Center based on the ITIL practices, we execute reports from 1st, 2nd and 3rd user technical support lines on a daily basis.
We have gained experience by participating in projects executed for public administration as well as financial, trade & service and industrial sectors.
20 years ago we focused on Microsoft and because of that we became a leader on Polish market. We know almost everything about Microsoft's solutions.
We have a team of several dozen experienced professionals and certified engineers. We consult, design, implement, integrate and develop state of the art systems. We provide comprehensive IT solutions, software licenses, hardware, dedicated technical care services, IT audit services and professional literature.
Our clients are large and medium-sized companies from virtually all sectors of the economy, public administration, health and education.
APN Promise S.A.
ul. Domaniewska 44a
02-672 Warszawa
RATELS specjalizuje się w obszarach związanych z bezpieczeństwa informacji.
Dostarczamy i wdrażamy sprawdzone rozwiązania podnoszące bezpieczeństwo informacji oraz systemów IT w firmie, systemy pomagające organizacjom chronić ich informacje przed wyciekiem, a systemy przed cyber-atakami. Wykonujemy testy i audyty mające na celu weryfikację i podniesienie poziomu bezpieczeństwa informacji i systemów. Realizujemy testy penetracyjne, analizy bezpieczeństwa sieci, systemów, aplikacji, serwisów internetowych i aplikacji mobilnych.
Zajmujemy się także zagadnieniami formalno-prawnymi i organizacyjnymi ochrony informacji. Budujemy lub audytujemy polityki bezpieczeństwa, wykonujemy analizę ryzyka, badamy lub zapewniamy zgodność przetwarzania danych osobowych z obowiązującymi przepisami prawa.
Wysoka jakość naszych usług oraz wiedza naszych inżynierów zapewniła, że wśród naszych klientów jest wiele dużych firm, w tym największych z sektora finansowego.
Jesteśmy partnerami między innymi następujących dostawców:
Forcepoint – zintegrowana ochrona kanałów e-mail, web oraz informacji (DLP)
Boldon James – klasyfikowanie informacji, dokumentów, maili z poziomu użytkownika
Sealpath – zarządzanie prawami dostępu do informacji (wewnątrz firmy oraz poza firmą)
Splunk – analiza i korelacja logów i raportowanie on-line
FastPassCorp – samoobsługa w zmianach haseł
WebSpy – analiza logów off-line
CounterTack – ochrona przed zaawansowanymi zagrożeniami typu malware z poziomu stacji roboczej
Damballa – sieciowa ochrona przed zaawansowanymi zagrożeniami typu malware oraz atakami APT
Virtual Forge – audyt bezpieczeństwa systemu SAP: audyt kodu ABAP, konfiguracji, praw użytkowników
Cynet – automatyczna ochrona I detekcja przez nieznanymi I zaawansowanymi zagrożeniami typu malware oraz atakami APT
Sebastian Watras
Tel. 662 287 730
[email protected]
Klaudia Kałuska
Tel. +48 662 287 865
[email protected]
Patrycja Gielecińska
Tel. 662 287 833
[email protected]
Włodzimierz Duszyk
Tel. 662 287 870
[email protected]