The Cybersecurity Conference in CEE and SEE regions
3 days of unique cyber security community event, in-person and virtual experiences, designed to give you a mix of opportunities for learning, networking and collaboration
This year, for the first time, we are offering you hybrid experience!
Attendees each year
Create the digital transformation plan that counts on security transformation as your critical function.
We are all in it together. Hybrid workforce, level of employee and organizational preparedness, daily threat risks and cyber attacks.
- Is GDPR-Compliance Nightmare for you?
Health Security Protocol
Your health is our priority #1 so we care. We keep following all measures issued by Czech government. Download the pdf so you get first-hand information on latest updates regarding COVID restrictions.
Please do not forget to register at Ministry of Health before coming to Czech Republic – https://plf.uzis.cz/
Join us at this must-attend hybrid event:
This hybrid event will point CxOs and cybersecurity experts to major shift, the move from on-prem to cloud, which bring A LOT of security opportunities we never had before.
Qubit Conference Prague 2021 - Program Guide
Day 0 - September 7
9:00 - 17:00 - Investigating digital document malware like a pro (Virtual training)
With the emergence of the Secure Access Service Edge (SASE), network and security professionals are struggling to build a migration plan for E-mails and attachments: A deadly duo that targets several organizations and is the main cause of cyber attacks today. Word, Excel, PDF and Images sneak in as attachments via e-mails that pose to be legitimate ones. Once they are opened, they end up dropping .exe or malicious files via macros, java scripts, macro 4.0 or steganography. More info…
10:00 - 13:00 - Secure development lifecycle implementation (Virtual training)
When we try to implement Security spirit into the product development, security often perceived as something unclear and only in the light of “we don’t like that stuff, but we have to do it”. As a result, we often end up software teams with only minimal compliance, which is far away from the nature of today’s cybersecurity standoff. This course is intended to explain how to implement and continuously grow an enhanced Secure Development Mindset into all those involved in product release lifecycle. More info…
14:00 - 16:00 - Work efficiently and proactively in your SOC with Security Intelligence (In-person)
In today’s rapidly changing threat environment, knowing what is happening inside your organization is not enough. How to monitor your threat landscape; what threat actors are targeting you, and what are their Tactics, Techniques, and Procedures (TTPs)? More info…
Day 1 - September 8
Event Moderator: Joseph Carson
Moderator of Technical Track: Boris Mutina
9:00 - 9:20 - Conference opening - Maria Krahulecova & Ondrej Krehel
CEO & Co-founder | Qubit Conference
9:20 - 9:50 - The New Digital Normal – Agile, Continuous, Contextual
This session will examine how long-term trends and recent black swan events have affected and accelerated enterprise IT services and architecture over the last two years. We will discuss near-term technological changes and the challenges and opportunities they present for both attackers and defenders. “Secure” is a destination that no organisation will ever reach. Security is an endless race to help your business take the greatest possible advantage of opportunities offered by technological and societal change, while anticipating the new possibilities for compromise they offer to your adversary. Chess was never this much fun!
9:50 - 10:40 - How good is the fuel powering your SOC - The importance of Threat Intelligence in modern day Cybersecurity Operations
Automation and optimization are the top priorities of modern day Security Operations Center. Threat Hunters and SOC Operators are using tools like SIEM and SOAR that are supposed to streamline processes and increase the effectiveness of cyber defence. While this is true – this only works effectively when decisions are made on data of good quality.
Hence the rise of Threat Intelligence. During my keynote I will demonstrate how you can make qualified decision by having access to the biggest Threat Intelligence data provider in the world.
We will look at direct threats like leaked credentials, domain abuse, data up for sale on Dark Web. I will also show how you can speed up alert triage and dramatically enhance the speed of your investigations .We will also go into the Future where we will analyze what threats might be coming our way.
10:40 - 11:05 - Network Security as-a-service
One of the most profound shifts we’ve been hearing about is that legacy appliance-based approaches, that our customers around the globe are using to secure their networks, aren’t working anymore. Evolving your network for remote work has opened it up to risks.
Join today’s session to discover how delivering network security at the edge – not data centers – can better protect your applications, your data, and your users.
11:05 - 11:25 - Lightning talks
11:25 - 11:40 - Coffee break
11:40 - 12:10 - Do's and Don't's managing penetration testing with clients - Case study
Both Red teaming and penetration testing should be a must in every company’s security assessment. Since companies don’t do such an engagement very often and in many cases it might be their first time it is very important to manage expectation and set rules of engagements properly.
12:10 - 12:45 - Outsourced personal data breach management and the Twitter case
GDPR has introduced data breach management including 72 hours deadline for the supervisory authority notification. I would like to describe the issues and the complexity of this obligation based on the Twitter case and highlight the most important takeaways from current enforcement activities.
11:40 - 12:10 - Red Team attacks, GDPR fines and COVID lay-offs? Protected without a service providers needed!
You may wonder what these 3 different topics have in common, especially that the latter were not anticipated originally. What started as an assurance control for SOC effectivity proved later to protect sensitive data better against regulatory fines. Next year COVID stroke and the insiders to be laid-off wanted to get their piece of pie before being terminated.
Three very different scenarios over couple of years where Intelligence helped the CISO of the international retailer to crack on them without re-staffing his team nor adding another managed security service provider.
12:10 - 12:45 - What is going on in the network before ransomware occures?
Most organisations identify a ransomware at the time the data is encrypted and there is a ransom demand “on the table”. However, this is preceded by a large number of IoCs that can be effectively detected on the network in real time and thus prevent a real cyber incident.
12:45 - 13:45 - Lunch break
13:45 - 14:20 - DIY risk management
When you cannot find a fitting tool, you need to build one yourself. We have used this DYI approach after struggling to find suitable tool. We built our risk management on top of JIRA and utilizing native JIRA functionality of custom fields and workflows.
13:45 - 14:20 - Your New Hire Turned to be a Hacker
It’s like a James Bond movie but for real. A case study of an under-cover red teamer hired as a junior programmer. The target has decades of experience. Cybersecurity is not a new topic. How far can the attacker get? How will the IT department react? Bring some popcorn.
14:20 - 14:55 - Panel Discussion: #1 business priority: Cybersecurity
14:55 - 15:30 - I Was Promised A Jetpack
How did we get here? The discussion will look at the promises that were made of a security future that we’re still in search of today. This is analogous to the personal jetpack that we were promised in the early days of science fiction.
15:30 - 16:00 - What the hack?
Hacking groups have changed their focus towards critical infrastructure and supply chains. The Kaseya case is just one example of a very sophisticated attack. Michal will talk about the techniques that hackers are currently using and provide his perspective on where their focus will shift next.
16:00 - 16:15 - Coffee break
16:15 - 17:00 - Challenges of Space Security
Our everyday life is dependent on space technologies. Thousands of satellites are orbiting the Earth and providing us crucial data which influence even the functioning of our critical infrastructure. In the presentation the biggest challenges of space security will be introduced and explained.
14:55 - 15:30 - The resident evil inside your database
- It’s important to understand the context of the different actions in your database as it might reveal potential attacks.
- What the most critical security configurations are and how they can prevent a data breach.
- Understand the importance of security in depth
15:30 - 16:00 - How to build Secure Development Lifecycle if you don't have a budget like Google's
Often, we hear a lot of information about how to build security development lifecycle at software companies and best practices from Google, Microsoft, Cisco, etc. However, there is a small nuance hidden here: not everyone has the same budget and the same opportunities. By the way, secure development in cases of DevOps, CI/CD practices is a necessary feature, even for small and medium company. During my statement I want to explore basic steps on the way of secure development, which are able to protect from 80% of threats. Besides, I’ll show some useful instruments, my own practical examples and achieved goals .• Why does SDL really matter for you? (interaction with audience – define a need)
- Basic key points: how to start?
- Real life case studies
- Resource planning – how not to dig too deep
- Check-list, references
16:00 - 16:15 - Coffee break
16:15 - 17:00 - Leaving no stone unturned
A ransomware incident is never a good start of your week. It gets even worse when you find it encrypted literally everything. Or did it? We will look at a real-world case which started with no obvious tracks to follow, but in which some active research and a dose of intuition yielded great results.
17:00 - 17:40 - “Mind the Gap” or Common Incident Response Challenges
In today’s increasingly cyber world organizations are more exposed than ever to potential malicious attacks. With remote workforces increasingly becoming the norm rather than the exception, organizations can expect to encounter even graver threats than they have before. The preparation an organization pursues before an event is the greatest determiner of how big of an impact a malicious event will have. Simply put, how an organization prepares for these events can spell success or doom. We will discuss common mistakes we’ve seen in our recent engagements and cover decisions made to facilitate a more positive outcome for our clients. Because being proactive can significantly reduce the negative impact of a security event we will also discuss preparatory steps at-risk organizations can take ahead of time (and to be honest everyone connected to the internet is at risk) or more specifically, industry best-practices for preparedness, investigation, and response.
Day 2 - September 9
9:00 - 9:20 - Cyber Chains are Forever
We’re the luckiest generation in the history of humanity. The Renaissance 2.0 of cyberspace is producing game changing technologies that will last a thousand years.
In this session, Eddie Doyle will explore how blockchain will transform cyber security into an unfair fight against threat actors, helping you position yourself & your company to anticipate where this revolutionary technology will lead us.
9:20 - 9:55 - The Postman Always Rings Twice: Threat actors, exfiltration innovations and their patterns
2021 has been a year of stealth, exfiltration and innovation in the digital world. With the threat landscape expanding and threat actors are targeting several sectors in this digital space, the need for research and the need for innovative proactive research is the need of the hour.
9:55 - 10:20 - Which legacy is good legacy? Critical infrastructure and Cybersecurity Awareness
When it comes to critical infrastructure, how a 50-year-old technology compares to a 50 thousand-year-old human? I want to show you how it is possible (without any special effort) to destabilize countries Critical Infrastructure systems.
10:20 - 10:35 - Coffee break
10:35 - 11:05 - Ransom-wave Aware
In this session, we will introduce more clarity to these attacks imbued with skills of how to deal with detection and prevention. Most importantly, you will gain valuable skills of how to deal with ransom and ransomware cybercrime at every stage of the attack.
11:05 - 11:50 - US Services and GDPR – Compliance Nightmare
The presentation will focus on personal transfers within EU and outside in the third countries. The emphasis will be put on nature of the legal conditions and the relevant judgments (Schrems II case) affecting tranfers to third parties, especially USA.
11:50 - 12:20 - DNS – core service and attackers
Examples of real-life attacks, how and why attackers are using DNS protocol. What other threats we are facing in this area. It is not only reputation of domains. How attackers can exfiltrate or infiltrate data to networks and endpoints without detection on security stack.
12:20 - 13:20 - Lunch break
13:20 - 13:40 - Decoding Cyber - Supply Chain Risk Management through NIST
The challenge faced by most organizations is that supply chain risks are not well understood and most importantly not assessed before using them for critical functions. Have you assessed your suppliers? Is it time to integrate Cyber supply chain risk management into Enterprise Risk management?
13:40 - 14:25 - Panel Discusion: Zero trust “beyond the buzzword"
14:25 - 14:40 - Coffee break
14:40 - 15:10 - Implementing NIST Cybersecurity and Risk Frameworks
The US National Institute of Standards & Technology (NIST) provides de-facto standards for security, compliance and privacy. Session attendees will learn how to apply the NIST Cybersecurity and Risk Management Frameworks for increased security, compliance and standardization.
15:10 - 15:35 - Stop predicting the past: how to identify unknown threats
You have seen the power of the SASE architecture and the cloud transformation companies are undergoing – in this session we will explore case studies of organizations that have already started reaping the benefits of these changes. We will see how single pass engines and network based threat hunting empower security researchers and allow them to identify previously undetectable threats that fly under the radar of legacy point solutions.
10:30 -12:30 - CISO Club in Slovak language
- Vzdelávanie Informačnej bezpečnosti, jeho rozvoj a KPI a výchova talentov.
- Cloud Security (prvotná kontrola, zmluvy, logovanie, ochrana).
- Bezpečnosť a prepájanie hybridných prostredí.
- DLP v banke, ako ho nastaviť, ako riadiť kontroly a prepojenie lokálneho DLP s cloudom.
- Disruptívny vývoj versus bezpečnosť (podpora biznisu, kontrola rýchlych zmien a vývoj v agilných tímoch)
- Riešenie starodávnej infraštruktúry v produkcii.
Explore the Universe of cyber security
Simply join our newsletter today and get the latest cyber security topics and events delivered to your inbox.