Pre-Conference Trainings

As a cybersecurity professional, you might come across bad guys and deal with their attacks. When suspicious activity is detected, the investigation starts. It may turn to the incident response, which brings up questions such as: How the attackers breached the systems and when? What kind of malicious activity have they performed and what data have been compromised? Or there already may be another not-so-good guy in your organization /insider threat/, for example, who has exfiltrated your valuable secrets, and this activity needs to be investigated with all the consequences.

Open-Source Intelligence is a well-known technique widely used for acquiring various information, however, a comprehensive approach is often replaced by limited use of a few purchased tools or pre-installed tools from popular Linux distros. Training is aimed at how OSINT analysis is performed step-by-step, what are key considerations prior to, during, and after the activity, and how to build your own set of tools and use these tools. Also, attendees will learn various techniques, keep track of collected information, evaluate it, and keep relations between the information acquired.

 

In a major part of the workshop, we will focus on practical use cases. We want to discuss how to evaluate information assets in a cloud environment and how to analyze assets related to artificial intelligence.

We will also show you ways to aggregate a view of the organization’s risk profile, how to set KPIs, and how to constantly monitor the current state of risk appetite and risk tolerance. We will show how the banking sector should establish it based on EBA/GL/2019/04.

We will simulate how it can all be connected and how it is possible to control the current risk profile on multiple levels. We will demonstrate all this to you in the application we use, which was chosen as part of the presentation of solutions running on the Qlik platform at the global conference QlikWorld.