Computerworld magazine ISSA Polska, ISACA Warsaw and Katowice Chapters invite you to the online cyber security conference. The idea of the conference is to increase managers' knowledge about IT security, which in the new reality is more challenging for enterprises than ever before.
Information security has become a critical factor for the operation and development of businesses in almost every industry, which is why it is so important to share the experience of those involved. We want our experts and participants to create a platform for the exchange of knowledge, which they can use to develop their business safely.
The conference will be held entirely in a virtual formula with the use of interactive technologies, thanks to which there will be no shortage of LIVE interviews, chats with participants and, above all, a large dose of knowledge about IT security, which will be provided by the best practitioners live on stage.
Welcome to participants. Opening of the conference.
OWASP flagship projects – cure for application vulnerabilities.
Application security vulnerabilities are currently one of the biggest risks for enterprises. OWASP community strives to decrease this problem through the implementation of various projects. During the presentation, the latest changes in the flagship OWASP projects will be discussed. The presentation will be full of practical tips on how OWASP resources can be used in the development of applications, their maintenance or security verification.
Transitioning Information Security from scaring to caring: implementing positive internal culture.
About secure identity management 3.0, i.e. IdM and IBM Cloud Pack for Security.
Identity and access management is a very important element of the landscape of cybersecurity. What are the key challenges and modern trends of identity & access management? A very important element is the proper adaptation of solutions to the specific needs of the organization, its size, and way of working, and the IT solutions it has, on-premises and/or in the cloud. IBM Cloud Pak for Security is a very interesting example of a modern identity & access management tool that improves the security level of the entire organization and provides a high level of reliability. How to properly approach in practice identity & access management and from what angle to evaluate available tools?
Trust – the outsourced insider problem.
The easiest way in – is via your trusted partner. Abusing the relationship of trust is one of the most important weapons in cybercriminals' arsenal. Software supply chain attacks, hijacked MSP tools as well as compromised supporter accounts are getting more common. Especially MSPs have become the focus of cyber-attacks. Despite the common “why would anyone attack me” mentality, they are a perfect target for any cybercriminal. In this session, the main topics of trust will be discussed using real example cases and solution approaches presented. We will highlight where companies put too much trust into the IT infrastructure and where the common blind spots are abused, including ransomware attacks and data exfiltration.
Why is there a lack of cooperation among cybersecurity communities at the EU level?
Adversaries and attack vectors are constantly increasing in numbers making it difficult for organisations to single-handedly protect against threats. Organisations do not have a pool of expertise or tools that could provide adequate coverage. What can be done to improve cyber resilience in a cost-effective way? Cross-border and cross-sector cooperation with a timely exchange of information between organisations in Europe should be sought. Cooperation already exists on the national and regional level but lags behind at the EU level. Private sector has threat intelligence and is often on the first line of defense. If public sector established communication channels (e.g. EU CSIRT Network), why companies wouldn’t do the same? This is even more important when considering that economies and companies in the EU are often interconnected through wide supply chains. Breach in a company in one country often spill-overs to the company in another country. Proactive and timely cooperation can limit the potential of consequences. How to improve the cooperation between cybersecurity stakeholders? What are the current existing regimes, mechanisms and good practices of information sharing? What are the incentives for cooperation and eventual risks in forming partnerships? What is the role of European Cyber Security Organisation in facilitating cooperation at the EU level? Presentation will seek to answer these questions.
Break to visit the Partner Zones.
Anamorphic Cryptographic Schemes: Opportunities and Threats.
Cryptography is treated as a golden bullet for data protection. We not only trust its formal security proofs but also believe that the products delivered are the products described. Unlike in many other application areas, inspection possibilities might be limited, for example, due to the necessary protection of secret keys. There are a growing number of examples in which a cryptographic device behaves according to specification A, but at the same time implements hidden functionality B, which is undetectable to an observer. This can be used for good but also for malicious purposes. We discuss this issue and try to find where we are today.
How Information System Authority of Estonia leverages Cloudflare to strengthen its cyber security.
The uncertainties and impacts of the war in the region have changed the Estonian state operational landscape and around the globe. Multiple organizations in different regions are facing an unprecedented surge in online traffic and attacks. Relying on their legacy infrastructure is not helping them deliver a fast, secure, and reliable experience. Join this session with Tonu Tammer, Executive Director of CERT Estonia and Anatol Nikiforov, Enterprise Account Executive at Cloudflare will go through how Information System Authority of Estonia leverages Cloudflare to strengthen its security as well as provide best practises for the government sector to make their online applications more resilient, performant, and secure.
CaaS – Cybersecurity as a Service.
The world of cybercrime currently generates millions of different and ever-changing threats. The post-pandemic reality, the situation related to the war in Ukraine and the growing sense of cyber threat accompany companies at every step. Covering all areas of vulnerability to cyber threats has become extremely difficult and sometimes even unattainable. The reasons are barriers such as the availability of experts and the costs associated with the appropriate diagnosis, acquisition and implementation of the best cybersecurity technologies.
Practical Threat Hunting with SIEM.
Our current cyber security paradigm dictates that we must assume the attacker is either already in our network or forcing its doors every chance it has. That makes threat hunting one of the routine periodic (if not continuous) security operations today. The need to monitor the endpoints is ever increasing, however, that does not diminish the value of network wide analytic reviews to identify the potential culprits in our networks. SIEM is still and it will be an essential tool for monitoring our networks, although it is not enough all by itself. The strongest capabilities of a SIEM tool are its analytic aggregation functionalities and stream processing of real life data. With those capabilities we are able to identify some of the real time malicious activities and analyze the past event patterns which are good signs of malicious behavior. Like any tool SIEM is only as effective as it user's skills. In this session we go through various use cases of a SIEM tool to demonstrate how we can identify suspicious activities and their sources. In those cases we will also testify the importance of understanding offensive techniques for an effective blue team.
Break to visit the Partner Zones.
Process automation as a way to ensure constant improvement of defense mechanisms.
Along with the expansion of the IT infrastructure, the number of tools used by administrators increases. In the entire flood of information and events - are we able to find those that have a significant impact on our organization from the point of view of security? What are the advantages of solutions working on the basis of an integrated ecosystem which is to serve not only the exchange of information about threats, but also automatic response in order to enforce an appropriate level of security? Do XDR class solutions allow us to see the full picture or is it better to use the knowledge and experience of third parties and people?
10 principles of effective pentest.
How attackers bypass antivirus, EDR and app whitelisting.
Application whitelisting is core; antivirus is a necessity and EDR is becoming standard. These layers of defense are definitely needed in every organization's environment. But what can an attacker do in the network even if he has to go through these secured systems? And what role does user and administrator behavior play in this? This is the subject of my presentation full of practical examples.
Closing of the conference.
Filip Walicki
Tel. 662 287 904
[email protected]
Piotr Fergin
Tel. +48 533 358 952
[email protected]
Włodzimierz Duszyk
Tel. 662 287 870
[email protected]