Agenda
08:00 - 08:50 |
Login and Networking |
08:50 - 09:00 |
Chairman's welcome |
09:00 - 09:20 |
► Our Challenges in IT: Attack Scenarios Ernestine Schikore, Informationssicherheitsbeauftragte CISO, University of Basel
|
09:20 - 09:40 |
► CORTEX SECURES THE FUTURE Stefan Schinkel, Director Cortex Central Europe, Palo Alto Networks Security Operations Centers (SOCs) are characterized by chaos, struggling with siloed tools, manual processes, and reliant on the old premise of high-volume, low-fidelity rule-based correlation for everything from detection to investigation. This session details the building blocks of simpler, and more effective security operations and how SOCs transform to an automated proactive model by spending less time on manual reactive processes and more on hunting for unknown threats and transferring knowledge gained into future improvement.
|
09:40 - 10:00 |
► Current pricing models for cyber attacks. Abdelkader Cornelius, Threat Intelligence Analyst, Recorded Future In this presentation, you will receive live information on the current prices and requirements of active threat actors and their tools and campaigns. You will learn:
|
10:00 - 10:20 |
► International Data Transfer Andreas Lober, Partner, BEITEN BURKHARDT
|
10:20 - 10:50 |
► Education Seminar Session 1 Delegates will be able to choose from the following education seminars:
|
10:50 - 11:20 |
Networking break |
11:20 - 11:40 |
► Executive Panel Discussion: Turning the tide on surveillance capitalism On July 16th, the Court of Justice of the European Union published its eagerly awaited decision in the Schrems II case, which invalidated the framework of the US-EU data protection shield for the international transfer of data. This, of course, presents a particular problem today, given the accelerated digitization programs that all types of businesses are going through, particularly as a result of the current state of the world. Topics such as the close link between data privacy and data protection and their successful implementation are discussed here, among other things.
|
11:40 - 12:00 |
► The Evolution of Endpoint Security: From EPP to EDR to XDR Matthias Canisius, Regional Director Central Europe, SentinelOne
|
12:00 - 12:20 |
► Talking to the Board: the New Realities of IT Security Jamie Moles, Senior Security Engineer, ExtraHop
|
12:20 - 12:40 |
► Securing the Future of Work with Cyber AI Marco Di Meo, Sales Team Leader, EMEA, Darktrace
|
12:40 - 13:10 |
► Education Seminar Session 2 Delegates will be able to choose from the following education seminars:
|
13:10 - 14:10 |
Lunch and networking break |
14:10 - 14:30 |
► Executive Panel Discussion: "To expect the unexpected shows a thoroughly modern intellect." Oscar Wilde would probably not have chosen the life of a CISO but he was right about the way they should look at the world. The Solar Winds hack makes the security of security the issue it should always have been. Enforced digitalisation of everything from the customer interface to supply chain management makes every element of most businesses a cyber attack surface. The IoT, better thought of as an infinite ecosystem of sensors, does the same while upending business models such as insurance. And it seems as though WFH, COVID and a continuation of on/off remote and hybrid working is with us for many more months. So, what do your fellow CISOs think 2021 will bring? And how are they planning to meet those challenges?
|
14:30 - 14:50 |
► Present and future attack factors: the risks to Germany’s internet hubs & how to protect them Eward Driehuis, Senior Vice President Strategy, Cybersprint
|
14:50 - 15:10 |
► Alarm Fatigue in the SOC: "If you lie once, you won't be believed ..." Achim Kraus, Solutions Engineering CEEUR, Corelight Inc.
|
15:10 - 15:40 |
► Education Seminar Session 3 Delegates will be able to choose from the following education seminars:
|
15:40 - 16:00 |
Networking break |
16:00 - 16:20 |
► Defending Enterprises from the Full Spectrum of Cyber Threats Chris Kubic, Chief Information Security Officer, Fidelis Cybersecurity The threat landscape is constantly evolving and our environments are getting more complex and harder to defend. Witnessing the scale and sophistication of recent attacks disrupting our security world, what can CISOs and security operations teams do to level the playing field and defend their enterprise environments against threats originating from cybercriminals, sophisticated and stealthy nation-state attackers, insiders, 3rd party partners, and supply chains. In his presentation, Chris will outline what we can do to better protect ourselves against the full spectrum of these threats.
|
16:20 - 16:40 |
► Spotlight on ransomware – the police perspective Peter Vahrenhorst, Detective Chief Superintendent, State Office of Criminal Investigation of North Rhine-Westphalia
|
16:40 - 17:00 |
Delegates will be able to choose from the following presentations:
|
17:00 - 17:05 |
Closing remarks |
17:05 - 17:30 |
Networking |
17:30 |
Conference close |
Education seminars
SAP Security Threat Landscape 2021 (EN)
Frederik Weidemann, Chief Technical Evangelist, Onapsis Inc
In the past few years, 64% of organizations’ ERP systems have been breached, according to a research study by IDC.
Are you aware how attackers have breached and can break into unprotected customer SAP landscapes?
Attend this session to gain insights into:
- What attacks on your SAP systems look like
- What security challenges exist in SAP environments (e.g. S/4HANA)
- Moving to the cloud with confidence — how to address security in hybrid landscapes
- Ways to protect your organization
Rethinking & Solving the Patching Problem: A New Approach
Stephen Roostan, VP EMEA, Kenna Security
This sessions explains why the area of vulnerability management offers an untapped opportunity to measurably decrease risk and deliver operational cost savings.
- Strategic and tactical benefits of designing a new framework
- Changing the patching mind set across all stakeholders
- Leveraging existing investments with future-proof, flexible tools
- Defining - and achieving - the right success metrics for your business
Effective security: Least Privilege as an important part of your PAM strategy
Mohamed Ibbich, Senior Technology Consultant, BeyondTrust
It is becoming more and more difficult to find a good balance of rights distribution for employees and administrators. Users as well as IT administrators should be given sufficient authorizations to carry out their work productively, while at the same time minimizing IT security risk and protecting sensitive data systems. Attackers are often one step ahead of organizations. Even those with the most comprehensive IT security systems and control mechanisms fear that an attacker could discover and exploit a vulnerability. This session explains practical tools that companies can use to implement industry-recognized best practices for endpoint privilege management and basic security controls to protect IT systems and data from the most common attacks. It contains recommendations for successfully implementing a least privilege strategy that will help you eliminate unnecessary permissions. Likewise, rights can be increased on multiple platforms and networked devices without affecting end-user productivity.
This session provides information about:
- Recommendations for implementing basic security controls
- Best practice examples on the subject of endpoint privilege management
- Tips for successfully implementing a least privilege strategy (principle of least privileges)
Next Generation Offensive Security Testing
Thomas Hornung, Solutions Architect EMEA & Stephan Rosche, Sales Director DACH Region, Synack
The noise within security circles has become overwhelming, making it difficult to focus on what is real. Traditional pen testing is no longer an option so organizations are leaning on crowdsourced security testing as a proactive means of identifying sources of risk and building trust with customers, all while operating remotely.
In this session you’ll learn:
- About a revolutionary security testing approach using teams of highly vetted, top-class security researchers who can find serious vulnerabilities in any live system often within a matter of hours.
- How Synack's remote security testing platform can help augment your internal teams now.
- Of a number of use cases and POCs performed at customers across EMEA
Enterprise Security - Securing Cloud-Native Applications at Scale
Mathias Conradt, Sr. Solutions Engineer (DACH), Snyk
Join this session to learn:
- How DevSecOps is being used to secure cloud-native applications.
- Cloud-native architecture is improving time to capability at a reduced cost for the enterprise.
- Unify your dev team around a secure deployment approach with cloud-native architecture such as containers.
Working from home is not safe for work
Etay Maor, Chief Security Officer, IntSights
- How threat actors leverage threat intelligence
- New emerging threats for the remote work force
- What security professionals need to ask themselves to better understand their security posture