With the emergence of the Secure Access Service Edge (SASE), network and security professionals are struggling to build a migration plan for E-mails and attachments: A deadly duo that targets several organizations and is the main cause of cyber attacks today. Word, Excel, PDF and Images sneak in as attachments via e-mails that pose to be legitimate ones. Once they are opened, they end up dropping .exe or malicious files via macros, java scripts, macro 4.0 or steganography. More info…

When we try to implement Security spirit into the product development, security often perceived as something unclear and only in the light of “we don’t like that stuff, but we have to do it”. As a result, we often end up software teams with only minimal compliance, which is far away from the nature of today’s cybersecurity standoff. This course is intended to explain how to implement and continuously grow an enhanced Secure Development Mindset into all those involved in product release lifecycle. More info…

In today’s rapidly changing threat environment, knowing what is happening inside your organization is not enough. How to monitor your threat landscape; what threat actors are targeting you, and what are their Tactics, Techniques, and Procedures (TTPs)? More info…

This session will examine how long-term trends and recent black swan events have affected and accelerated enterprise IT services and architecture over the last two years. We will discuss near-term technological changes and the challenges and opportunities they present for both attackers and defenders. “Secure” is a destination that no organisation will ever reach. Security is an endless race to help your business take the greatest possible advantage of opportunities offered by technological and societal change, while anticipating the new possibilities for compromise they offer to your adversary. Chess was never this much fun!

Automation and optimization are the top priorities of modern day Security Operations Center. Threat Hunters and SOC Operators are using tools like SIEM and SOAR that are supposed to streamline processes and increase the effectiveness of cyber defence. While this is true – this only works effectively when decisions are made on data of good quality.

Hence the rise of Threat Intelligence. During my keynote I will demonstrate how you can make qualified decision by having access to the biggest Threat Intelligence data provider in the world.

We will look at direct threats like leaked credentials, domain abuse, data up for sale on Dark Web. I will also show how you can speed up alert triage and dramatically enhance the speed of your investigations .We will also go into the Future where we will analyze what threats might be coming our way.

Mateusz Olszewski

Sales Executive Eastern Europe | Recorded Future

Mikael Mörk

Sales Engineer | Recorded Future 

One of the most profound shifts we’ve been hearing about is that legacy appliance-based approaches, that our customers around the globe are using to secure their networks, aren’t working anymore. Evolving your network for remote work has opened it up to risks.

Join today’s session to discover how delivering network security at the edge – not data centers – can better protect your applications, your data, and your users.

Micro presentations from our partners:

Petr Cihelka

Sales Team Lead | Fortinet

Tomas Vlcak

Head of Cybersecurity Division | PREFIS 

Joseph Carson

Chief Security Scientist and Advisory CISO | Thycotic

Martin Wozniak

Head of Corporate Sales & Business Development | Whalebone 

Both Red teaming and penetration testing should be a must in every company’s security assessment. Since companies don’t do such an engagement very often and in many cases it might be their first time it is very important to manage expectation and set rules of engagements properly.

GDPR has introduced data breach management including 72 hours deadline for the supervisory authority notification. I would like to describe the issues and the complexity of this obligation based on the Twitter case and highlight the most important takeaways from current enforcement activities.

You may wonder what these 3 different topics have in common, especially that the latter were not anticipated originally. What started as an assurance control for SOC effectivity proved later to protect sensitive data better against regulatory fines. Next year COVID stroke and the insiders to be laid-off wanted to get their piece of pie before being terminated.

Three very different scenarios over couple of years where Intelligence helped the CISO of the international retailer to crack on them without re-staffing his team nor adding another managed security service provider.

Most organisations identify a ransomware at the time the data is encrypted and there is a ransom demand “on the table”. However, this is preceded by a large number of IoCs that can be effectively detected on the network in real time and thus prevent a real cyber incident.

When you cannot find a fitting tool, you need to build one yourself. We have used this DYI approach after struggling to find suitable tool. We built our risk management on top of JIRA and utilizing native JIRA functionality of custom fields and workflows.

It’s like a James Bond movie but for real. A case study of an under-cover red teamer hired as a junior programmer. The target has decades of experience. Cybersecurity is not a new topic. How far can the attacker get? How will the IT department react? Bring some popcorn.

Cybersecurity is still viewed as a technology area; here is how to make it a #1 business priority.

Joseph Carson

Chief Security Scientist and Advisory CISO | Thycotic

Petr Chlumsky

CISO | SAZKA 

Rik Ferguson

Vice President Security Research | Trend Micro 

How did we get here? The discussion will look at the promises that were made of a security future that we’re still in search of today. This is analogous to the personal jetpack that we were promised in the early days of science fiction.

Hacking groups have changed their focus towards critical infrastructure and supply chains. The Kaseya case is just one example of a very sophisticated attack. Michal will talk about the techniques that hackers are currently using and provide his perspective on where their focus will shift next.

Our everyday life is dependent on space technologies. Thousands of satellites are orbiting the Earth and providing us crucial data which influence even the functioning of our critical infrastructure. In the presentation the biggest challenges of space security will be introduced and explained.

• It’s important to understand the context of the different actions in your database as it might reveal potential attacks.
• What the most critical security configurations are and how they can prevent a data breach.
• Understand the importance of security in depth

Sarit Yerushalmi

Security Researcher | Imperva

Ofir Shaty

Security Researcher | Imperva

Often, we hear a lot of information about how to build security development lifecycle at software companies and best practices from Google, Microsoft, Cisco, etc. However, there is a small nuance hidden here: not everyone has the same budget and the same opportunities. By the way, secure development in cases of DevOps, CI/CD practices is a necessary feature, even for small and medium company. During my statement I want to explore basic steps on the way of secure development, which are able to protect from 80% of threats. Besides, I’ll show some useful instruments, my own practical examples and achieved goals .• Why does SDL really matter for you? (interaction with audience – define a need)

• Basic key points: how to start?
• Real life case studies
• Resource planning – how not to dig too deep
• Check-list, references

A ransomware incident is never a good start of your week. It gets even worse when you find it encrypted literally everything. Or did it? We will look at a real-world case which started with no obvious tracks to follow, but in which some active research and a dose of intuition yielded great results.

In today’s increasingly cyber world organizations are more exposed than ever to potential malicious attacks. With remote workforces increasingly becoming the norm rather than the exception, organizations can expect to encounter even graver threats than they have before. The preparation an organization pursues before an event is the greatest determiner of how big of an impact a malicious event will have. Simply put, how an organization prepares for these events can spell success or doom. We will discuss common mistakes we’ve seen in our recent engagements and cover decisions made to facilitate a more positive outcome for our clients. Because being proactive can significantly reduce the negative impact of a security event we will also discuss preparatory steps at-risk organizations can take ahead of time (and to be honest everyone connected to the internet is at risk) or more specifically, industry best-practices for preparedness, investigation, and response.

We’re the luckiest generation in the history of humanity. The Renaissance 2.0 of cyberspace is producing game changing technologies that will last a thousand years.

In this session, Eddie Doyle will explore how blockchain will transform cyber security into an unfair fight against threat actors, helping you position yourself & your company to anticipate where this revolutionary technology will lead us.

2021 has been a year of stealth, exfiltration and innovation in the digital world. With the threat landscape expanding and threat actors are targeting several sectors in this digital space, the need for research and the need for innovative proactive research is the need of the hour.

When it comes to critical infrastructure, how a 50-year-old technology compares to a 50 thousand-year-old human? I want to show you how it is possible (without any special effort) to destabilize countries Critical Infrastructure systems.

In this session, we will introduce more clarity to these attacks imbued with skills of how to deal with detection and prevention. Most importantly, you will gain valuable skills of how to deal with ransom and ransomware cybercrime at every stage of the attack.

The presentation will focus on personal transfers within EU and outside in the third countries. The emphasis will be put on nature of the legal conditions and the relevant judgments (Schrems II case) affecting tranfers to third parties, especially USA.

Examples of real-life attacks, how and why attackers are using DNS protocol. What other threats we are facing in this area. It is not only reputation of domains. How attackers can exfiltrate or infiltrate data to networks and endpoints without detection on security stack.

The challenge faced by most organizations is that supply chain risks are not well understood and most importantly not assessed before using them for critical functions. Have you assessed your suppliers? Is it time to integrate Cyber supply chain risk management into Enterprise Risk management?

The US National Institute of Standards & Technology (NIST) provides de-facto standards for security, compliance and privacy. Session attendees will learn how to apply the NIST Cybersecurity and Risk Management Frameworks for increased security, compliance and standardization.

You have seen the power of the SASE architecture and the cloud transformation companies are undergoing – in this session we will explore case studies of organizations that have already started reaping the benefits of these changes. We will see how single pass engines and network based threat hunting empower security researchers and allow them to identify previously undetectable threats that fly under the radar of legacy point solutions.

Témy:

• Vzdelávanie Informačnej bezpečnosti, jeho rozvoj a KPI a výchova talentov.
• Cloud Security (prvotná kontrola, zmluvy, logovanie, ochrana).
• Bezpečnosť a prepájanie hybridných prostredí.
• DLP v banke, ako ho nastaviť, ako riadiť kontroly a prepojenie lokálneho DLP s cloudom.
• Disruptívny vývoj versus bezpečnosť (podpora biznisu, kontrola rýchlych zmien  a  vývoj v agilných tímoch)
• Riešenie starodávnej infraštruktúry v produkcii.