Agenda

08:00 - 08:50

Login & Networking

08:50 - 09:00

Chairman's Welcome

09:00 - 09:20

► Securing Critical National Infrastructure

Joost Rommelaere, former Regional CIO EMEA & Americas, PSA International

  • Do you operate a critical national infrastructure ?

  • What is the regulatory impact at this moment ?

  • How cyber secure can you make your critical infrastructure?

  • How to deal with cyber resilience of critical national infrastructure in a multinational context?

  • How to interact with your national Cyber Security Center and other stakeholders of your ecosystem?

09:20 - 09:40

► Supply Chain Attacks Are The New High Watermark- It’s not all trucks and fish tanks

Thom Langford, Security Advocate, SentinelOne 

  • See the vectors of attack and what makes supply chain attacks quite so devastating.
  • Understand the scale of the supply chain and why attacks are an inevitability.
  • Learn three simple tricks to help combat supply chain attacks (number two will astound you!)
09:40 - 10:00

► The Battle of Algorithms: How AI is beating AI at its own game 

Toby Lewis, Head of Threat Analysis, Darktrace 

  • How cyber-criminals are leveraging AI tools to create sophisticated cyber weapons  
  • What an AI-powered spoofing threat may look like, and why humans will not be able to spot them 
  • Why defensive AI technologies are uniquely positioned to fight back  

 

10:00 - 10:20

► Trusted Computing and its Application in Preventing ECrime

Dr. Ian Oliver, Technical Staff (Cybersecurity), Nokia Bell Labs

  • The shift from malware to Supply chain attacks in the domain of ‘nation state actors’
  • How effective is TPM 2.0 in addressing these attacks
  • Higher level services and integrating technology into IoT, Edge Cloud and communications
  • Case studies from safety critical domains such as medical and railway systems
10:20 - 10:50

 Education Seminar Session 1

Delegates will be able to choose from the following education seminars:

  • How Hackers Hack: Attacker Methodology & Lifecycle - Jeremiah Roe, Synack
  • Leveraging IAM for Effective and Efficient Threat Mitigation - Lonnie Benavides, Head of Infrastructure and Application Security, OneLogin
10:50 - 11:20

Networking Break

11:20 - 11:40

► Panel: Cybersecurity leaders

Roy Konings, Head of Security Benelux, Ericsson; Daniela Lourenço, Business Information Security Officer, CarNext

  • Is cybersecurity finally going to become a truly C-suite concern?
  • Is this the moment we move from technology-oriented CISOs to strategic, business-advisory CISOs?
  • Does this public urgency on the part of government imply a greater role for information security in the change management process around digitalisation?

 

11:40 - 12:00

► How to Increase Incident Response Efficiency With Security Intelligence

Mikael Mörk, Sales Engineer, Recorded Future

  • Integrate unprecedented, real-time security intelligence into your SIEM or SOAR to enhance your existing workflows (Splunk, QRadar, XSOAR, ServiceNow SIR)
  • Use the broadest set of external data sources available anywhere to rapidly contextualise alerts and accelerate prioritisation
  • Utilise real-time risk scores of IPs, domains, hashes, and malware to enable fast threat detection and response
12:00 - 12:20

► The psychology of a Social Engineering attack

Jelle Wieringa, Security Awareness Advocate, EMEA, KnowBe4

  • Learn how psychology plays a vital role in social engineering
  • Understand the techniques cybercriminals use to fool you
  • Get actionable insight on how to better protect yourself
12:20 - 12:40

► Building Cybersecurity Immunity to Ransomware with PAM 

James Maude, Lead Cyber Security Researcher, BeyondTrust

  • Explore ransomware attacks and how you can protect your environment by making it inhospitable to them
  • Learn 6 things to know about Ransomware
  • Takeaway realistic security practices you can implement to protect against ransomware 
  • Understand the role of PAM (privileged access management) in mitigating the risks of ransomware and other cyber threats with a powerful, blended defense 
12:40 - 13:10

► Education Seminar Session 2

Delegates will be able to choose from the following education seminars:

  • Rethinking & solving the patching problem: a new approach, Stephen Roostan, VP, EMEA, Kenna Security & Dan Burns, Head of Cyber Security Operations, Next plc
  • Rolling out of an NDR: what benefits to expect - Luis Delabarre, Solution Architect, Gatewatcher

13:10 - 14:00

Lunch & Networking

14:00 - 14:20

► Future Crimes: Emerging Threats from Cyber Malicious Innovators 

Robin Smith, CISO, Aston Martin

  • What can we tell about the future of cybercriminality from current trends, gross criminal revenue and attack by sector? How can this be used to build a profile of the attackers?
  • The global cost of crime is increasing: has ransomware changed the rules of the game for CISOs?
  • Drone Offences. Robot Attacks. Artificial Intelligence Plagues. Science Fiction or future threat? 
  • Moving towards the defences of the future. 
14:20 - 14:40

► Selling Breaches - the transfer of network access on criminal forums

Paul Prudhomme, Head of Threat Intelligence Advisory, IntSights

  • The sale and purchase of unauthorized access to compromised enterprise networks have become significant enablers for criminal cyber attacks, particularly ransomware infections.
  • Some criminals specialize in network compromises and sell the access that they have obtained to third parties, rather than exploiting the networks themselves.
  • By the same token, many criminals that exploit compromised networks, particularly ransomware operators, do not compromise those networks themselves but instead buy their access from other attackers.
  • These exchanges on underground criminal websites enable specialized criminals with complementary skills and resources to maximize the severity and impact of the underground criminal ecosystem and the criminal kill chain.
  • This specific variety of criminal market offerings is less well-known than others, such as the sale of compromised bank cards from retail & hospitality breaches.
14:40 - 15:00

► Security from Endpoint to Cloud

Aaron Cockerill, Chief Strategy Officer, Lookout

  • How Secure Access Service Edge (SASE)  protect your organisation's data in the cloud 
  • Why you need integrated endpoint-to-cloud security to safeguard your data while complying with regulations and respecting personal privacy

 

15:00 - 15:30

 Education Seminar Session 3

Delegates will be able to choose from the following education seminars:

  • An Alert Has Fired, Now What? - Alex Kirk, Global Principal, Corelight

  • Critical Infrastructure Protection by OPSWAT-Live Demo - George Chereches, Sales Engineer Team Lead for EMEA, OPSWAT

15:30 - 16:00

Networking Break

16:00 - 16:20

► PCI SSC Update

Jeremy King, VP, Regional Head for Europe, PCI Security Standards Council

  • PCI DSS V4.0 latest news
  • PA-DSS migration to Software Security Framework
  • Software Security Framework latest news
  • Training
  • Informational Training
  • Work From Home
  • Remote Assessments
  • PCI at a glance
16:20 - 16:40

► Securing the University 

Garry Scobie, Deputy CISO, University of Edinburgh 

  • Universities are unique entities. Comprised of disparate faculties, departments and campuses, they operate as a miniature city might. Furthermore, with the wealth of personal data they hold, their capacity to conduct cutting edge research, and their lack of funding when it comes to cyber defences, they are an attractive target for criminals
  • For years institutions in the higher education sector have been being hit: what should information security professionals in universities be doing to improve their defences
  • What can CISOs from different industries learn from the university challenge?
16:40 - 17:00

► How does Benelux cybersecurity stack up?

Simon Brady, Managing Editor, AKJ Associates

  • Comparing CISO opinions and attitudes across Europe
  • What are the most significant changes to CISO roles in the last 12 months?
  • Why cybersecurity will be unrecognisable in three years’ time
17:00 - 17:05

Chairman's Closing 

17:05 - 17:30

Networking Break

17:30

Conference Close

Education seminars


Leveraging IAM for Effective and Efficient Threat Mitigation


Lonnie Benavides, Head of Infrastructure and Application Security, OneLogin.

There’s no question that the current cybersecurity landscape is constantly shifting and evolving as new threats and security solutions emerge. Increased cyber attacks and distributed workforces have created new challenges that require innovative solutions.

Faced with the challenge of managing identities and securing access to data and applications from a growing number of endpoints, what are the fundamental controls organizations need to maintain business continuity and secure their remote and hybrid workforce?

Hear from Lonnie Benavides – Head of Infrastructure and Application Security, Onelogin – for a discussion on practical information and advice regarding the utilization of identity and access management solutions to effectively mitigate modern cyber threats to your business.

Key Takeaways:

  • Understanding the key fundamentals of a strong cloud security posture
  • Why passwords alone are not enough
  • Best practices for building a cybersecurity strategy at scale

Critical Infrastructure Protection by OPSWAT-Live Demo


George Chereches, Sales Engineer Team Lead for EMEA, OPSWAT

How can file transfers be secured across the entire enterprise, especially between uncontrolled devices? George Chereches, EMEA Sales Engineer Manager at OPSWAT will demo how to secure files transfer into, across, and out of secure environments to avoid malware and/or data breach.

  • Breach Prevention with Multiscanning
  • Cybersecurity Compliance
  • Digital Perimeter Control with Automated Device Blocking
  • Secure File Transfer with Automated Media Blocking

An Alert Has Fired, Now What?


Alex Kirk, Global Principal, Corelight

While the security industry spends a lot of time and energy getting more and/or better alerts, comparatively little investment has gone into helping analysts operationalize and contextualize those alerts. This session will discuss:

  • How a solid foundation of network telemetry can enable a high-velocity, high-confidence processing of alerts of all stripes.
  • How this can also a host of other critical security applications, from fundamentals like asset management to advanced techniques like proactive threat hunting. 
  • Real-world examples and code will be used throughout the talk, along with practical considerations for operating in an enterprise environment.

Rolling out of an NDR: what benefits to expect


Luis Delabarre, Solution Architect, Gatewatcher

Addressing advanced attacks is more and more a challenge, even for the most mature enterprises. It’s time for a different approach, mainly based on more useful data and automation. 

  • What is an NDR
  • Advanced detection to address complex attacks (ie: sunburst)
  • Investigate with Threat intelligence
  • Ecosystem integration as an answer

 


How Hackers Hack: Attacker Methodology & Lifecycle


Jeremiah Roe, Synack 

In this deep dive discussion, Synack Solutions Architect and Red Team Expert, Jeremiah Roe takes a practical approach to the attacker lifecycle. He walks through each of the 7 steps of the kill chain, from Reconnaissance to Actions on Objectives, providing live demonstrations and tools. 
You’ll learn:

  • How the adversary applies the kill chain: We share the 7-step process of the attacker lifecycle and methodologies with an in-depth demonstration of the kill chain.
  • New Exploits (And How to Defend Against Them)
  • How to Add Rigor to Your Pentesting: Where traditional penetration testing stops and crowdsourced penetration testing probes further.

Rethinking & Solving the Patching Problem: A New Approach


Stephen Roostan, VP EMEA Kenna Security & Dan Burns, Head of Cyber Security Operations, Next plc

In the last six months there has been more pressure than ever on IT Security functions to squeeze out as much value as possible from their budgets. In this session Stephen and Dan look at why the area of vulnerability management offers an untapped opportunity to measurably decrease risk and deliver operational cost savings. 

  • Strategic and tactical benefits of designing a new framework
  • Changing the patching mind set across all stakeholders
  • Leveraging existing investments with future-proof, flexible tools
  • Defining - and achieving - the right success metrics for your business