Agenda
08:00 - 08:50 |
Registration & Networking |
08:50 - 09:00 |
Chairperson's Welcome |
09:00 - 09:20 |
► Securing the Digital Citizen: a public sector view Philipp Grabher, Chief Information Security Officer, Canton of Zurich
|
09:20 - 09:40 |
► The 2022 Malware and Vulnerability Threat landscape Julian Kanitz, Lead Sales Engineer, DACH, Recorded Future The presentation examines trends in Malware use, distribution, development and high-risk vulnerabilities disclosed by major hardware and software vendors in the first half of 2022. It will cover:
|
09:40 - 10:00 |
► Debunking Common Myths About XDR Manuel Wolf, Security Expert, Alps, SentinelOne
|
10:00 - 10:20 |
► The Vulnerability Vector: An opportunity for the hacker and a challenge for the CISO Juan Carlos López Ruggiero, CISO, Bouygues Energies & Services
|
10:20 - 11:00 |
► Education Seminar Session 1 Delegates will be able to choose from the following education seminars:
|
11:00 - 11:30 |
Networking Break |
11:30 - 11:50 |
► Panel: Balancing Regulation/Compliance and Security Tom Schmidt, Partner, EY (Moderator); Aneta Podsiadla, Data Protection & Compliance Officer, Vorwerk; Juan Carlos Lopez Ruggiero, Chief Information Security Officer, Bouygues Energies & Services; Ralf Winzer, Group Information Security Officer / Group Data Protection Officer, Zehnder Group International AG; Olivier Busolini, CISO, Sygnum Bank; Dr. Dominik Raub, Chief Information Security Officer, Crypto Finance AG
|
11:50 - 12:10 |
► Distributed Cloud Services: Uniform security controls for distributed infrastructures Andrea Arquint, Senior Solutions Engineer, F5 Switzerland GmbH
|
12:10 - 12:30 |
► How AI Can Think Like an Attacker Marcel Gill, Account director and Marcel Wuestner, Account director, Darktrace
|
12:30 - 12:50 |
► It’s More Than Phishing – How to Supercharge your Security Awareness Program Javvad Malik, Lead Security Awareness Advocate, KnowBe4
|
12:50 - 13:30 |
► Education Seminar Session 2 Delegates will be able to choose from the following education seminars:
|
13:30 - 14:30 |
Lunch & Networking Break |
14:30 - 14:50 |
► The Cloud Security Journey Olivier Busolini, Chief Information Security Officer, Sygnum Bank
|
14:50 - 15:10 |
► Activating Cyber Threat Intelligence Albert Brauchli, Country Manager Mandiant Switzerland Mandiant responders are on the frontlines every day, investigating and analyzing the latest attacks and threats, and understanding how best to respond to and mitigate them. Everything we learn is passed on to our customers through our various services, giving them a much needed advantage in a constantly evolving threat landscape.
|
15:10 - 15:30 |
► Getting out of the terminological confusion around security concepts: What is really new and relevant? Achim Kraus, Technical Solution Architect, Gatewatcher
|
15:30 - 16:10 |
► Education Seminar Session 3 Delegates will be able to choose from the following education seminars:
|
16:10 - 16:30 |
Networking Break |
16:30 - 16:50 |
► Securing Client Assets – In the Context of Escalating Cyber Threat Dr. Dominik Raub, Chief Information Security Officer, Crypto Finance AG
|
16:50 - 17:30 |
►Senior Leadership Panel: What’s on the Horizon? Simon Brady, Managing Editor, AKJ Associates (Moderator); Philippe Vuilleumier, Chief Security Officer, Swisscom; Captain Patrick Ghion, Head Regional Cyber Competence Center for Western Switzerland (RC3); Klaus Haller, Senior Security Architect, AXA; Michele Federici, Head of IT Security, Dialetic AG
|
17:30 |
Conference Close |
Education seminars
The next class of browser-based attacks
Brett Raybould, EMEA Solutions Architect, Menlo Security
There are two distinct characteristics that all threat actors tend to share. First, they focus on avoiding detection by any means. Second, while some go after specific targets, many opt to aim their tactics at the vectors that will reap the greatest rewards. After all, a small pond with many fish increases everyone’s chances of success.
Between July and December 2021, there was a 224% increase in highly evasive adaptive threats (HEAT) attacks – a class of cyber threats targeting web browsers as the attack vector. While malware once had to be downloaded to pose a real risk, now, it’s a dynamically-generated threat toolkit built in the web where employees are productive.
In this session you will:
- Discover the anatomy of recent browser-based attacks
- Learn why network security today is broken
- Experience a live demo that enables you to discover the technology approach proven to eliminate these threats
Adversary Driven Threat Intelligence: Understand how Cyber Deception will help your organization make intelligent business-driven decisions.
Conrado Crespo, Senior Sales Engineer, CounterCraft
Join this session to find out more on;
- Limited value in generic intelligence: why is the traditional threat intelligence broken?
- Can deception technology really provide actionable intelligence? How does it work?
- What are the risks involved in adopting this approach?
- Am I mature (from a security operations perspective) enough to leverage this approach?
Understanding the True Threats to Identity Against the Modern Threat Actor
Florian Hartmann, Senior Sales Engineer, Crowdstrike
Modern adversaries no longer break in, they login. An attacker with compromised credentials has free reign to move about an organization and carefully plan their attack before they strike.
In more than 80% of modern attacks show threat actors are using valid credentials. It's not Zero Days or Phishing that should be your concern from attackers, it's that they already have the keys to your kingdom. Join us to further understand:
- the history of Identity and Identity architecture.
- the Identity threat landscape
- identity attack techniques by eCrime and Nation State actors
- best practices for solving the identity problem
Combatting the Latest Phishing Threats - Why an Adaptive Layered Defense is the ONLY Offense for Swiss Organisations
Alain Salesse, Senior Sales Engineer, Cofense
- What is an adaptive security architecture and what are the objectives – With so much focus on cyber-attack prevention, many security teams have adopted an incident response mindset versus one that assumes systems are compromised and require continuous monitoring and remediation. We’ll walk you through the benefits and objectives of implementing an adaptive security architecture and risk framework.
- The current situation in email and phishing security – We’ll share some of the latest insights from the industry and what we’re seeing through our unique combination of artificial, human, and high-fidelity intelligence.
- Implementing adaptive security architecture and risk framework with Cofense – We’ll talk through how to classify your existing and potential email security investments to increase your security posture while reducing costs, vendors, and configuration complexity.
Staying Secure in the Midst of the Talent Crisis
Wade Lance, Field CISO, Synack
The worldwide cyber talent shortage is real and growing. Just in the US there are 1 million people employed as cyber security professionals, but over 700,000 unfilled job postings and that number is growing at an alarming rate. Globally, the gap is at least 2.7 million. Initiatives are underway to address the shortage spanning government, industry groups, and the private sector, however the short-term cybersecurity implications are alarming. The lack of skilled practitioners extends beyond the issue of headcount- deficiencies exist in capability, diversity, morale and more. But effective and innovative solutions can bridge the talent gap and address both near term and longer term needs. In this session we will discuss:
- Current options to increase the cyber talent capacity required to meet organizations’ current and future security needs.
- Broadening the diversity of available security skill sets to cover the full scope of vulnerabilities for on-premise, cloud, networking, hosts, mobile, applications, etc.
- The challenges, and importance, of establishing a continuous testing practice to keep pace with the continuous application development and deployment methodologies.
- The advantages of leveraging a global researcher community as part of your security operations.
- The importance of standard testing frameworks and operational transparency in leveraging untapped and available security talent
Data-Centric Security for Data Protection | Every Digital Asset | Everywhere
Jasbir Singh, Partner and Managing Director Europe, Seclore Technologies
IT environments digital borders have shifted significantly over the last years. WFH, BYOD, Cloud, Collaboration plus evolving hacker tactics and new compliance regulations are causing a lot of pressure on organizations. What should the boundaries of your IT environment look like today, with evolving technology and remote workforces?
Jasbir Singh will discuss the challenges of traditional security solutions in a world of disappearing borders and how Data-Centric-Security can address these challenges in a centralized and transparent way.
We will explore:
- How to protect your organization against Insider Threats
- How to ensure Secure Collaboration
- Mitigating Third Party Risk by protecting your data everywhere
- Data-centric security as a cornerstone to staying Compliant