Venue: Ziedonis hall

Moderator Reinis Zitmanis


9:00

Security Industry and Business Association greetings

 
TAGS
Cyber security, defence, strategy, business
 
Katrīna Zariņa, Board member, Latvian chamber of commerce and industry, Sintija Deruma, ISACA Latvia Chapter President, Cybersecurity & Privacy executive, Elīna Egle, Chairwoman of the Board, Federation of Security and Defence Industries of Latvia, Mārtiņš Gataviņš, Board member LIKTA
 
 

10:00

Malicious information manipulation

All institutions, public and private alike, are fundamentally founded on the idea of trust on the information they operate on. What happens, when that trust is compromised?
Compromising information integrity, its trustworthiness, can have far more devastating operational effects than mere theft of information or denying access to it. It might cause an organization to make decisions based upon bad information or reduce customer trust in their platform or business. Cyberthreat, information manipulation, is all about that. In this session, we will get introduction to what information manipulation is about, some public cases already taken place and ideas on how to detect and prevent information manipulation. This session will also dig into problematics of countering information manipulation due lack of actors in cybersecurity understanding the actual information they are supposed to protect and the operations (e.g. processes) using that information to operate. A shift in thinking is needed from ICT-system security to actual security of information and processes
Read more
 
TAGS
Cyber security, infowars, geopolitics
Jani Antikainen, Chairman of the Board, Sparta Consulting & Huginn
 
 

10:30

Integrated Scoring and Awareness for Cyber Ranges. Strategy

The solution is based on eight years of research and experience in conducting complex technical cyber security exercises, including NATO CCDCoE “Locked Shields“, “Crossed Swords“ and other national and international exercises.
,
TAGS
Estonia, EU, strategy, cyber trainings
 
Aare Reintam, Director, Locked Shields
 
 

11:00

IBM Security: Our Biggest Bet Yet

2018 has presented even more daunting challenges to cyber security professionals. Criminal innovation is thriving and the “black hats” are continually inventing new ways to improve profit and reduce the effort required to conduct their “businesses”. Meanwhile, the average time required and cost to detect and remediate breaches continues to escalate.
In this session, you will learn how IBM is “doubling down” on our cyber security investments in order to combat these threats–and those yet to emerge.
Read more
 
TAGS
Global leadership, technology, cyber security
Mark Ehr, Program Director, IBM Security
 
 

11:30

Coffee break

 

12:00

SCADA Cyber Security: The Paradox of Industrial Digitization

Much has been said and written about Information Technology / Operations Technology integration in the last decade. IT/OT network integration is generally assumed to go hand-in-hand with other kinds of IT/OT personnel and business process integrations.
Safety and reliability issues associated with IT/OT integration are often not discussed at all, or are at best dismissed as something “OT has to look after.” If it were only that easy. With every advantage gained through digitization, there comes a potential safety or reliability challenge – many of which relate to cybersecurity. This presentation introduces control systems and control system security issues for IT audiences. We look to the near term future examining how IT and OT networks must be managed differently, in spite of OT networks hosting essentially the same kind of network and computer components as do IT networks. Finally, we explore an emerging spectrum of options for safe IT/OT integration.
Read more
 
TAGS
SCADA, IoT, industrial security, critical infrastructure
Motty Slomovitz, Director, Europe Waterfall Security
 
 

12:30

2018 State of Cyber Resilience

Here’s something you might be surprised to hear. Targeted cyber attacks are doubling – but security teams are getting better at fending them off. Only one in eight focused attacks are getting through in 2018 compared with one in three last year. In a world of increasing pressures on cybersecurity strategies, it is the first good news we have had for a while. Now in its second year, Accenture Security‘s comprehensive research study, 2018 State of Cyber Resilience, takes a closer look at the state of cyber resilience across key markets and geographies.
If you would like to learn more about the state of cyber resilience – this session will cover it!
 
TAGS
Market analysis, risk management, future
Intars Garbovskis, Security practice lead, Accenture Latvia
 
 

13:00

Practical usage of AI in cybersecurity

AI, Deep Learning and Intelligent Automation have become common words on cybersecurity vendors websites. Economical practicality of AI/ML remains widely unsettled and is a subject of endless disputes among industry experts. Will robots replace humans or rather enable them to unleash the genius of their brain? Which technology is behind the AI acronym, what it can do and what it cannot do? To be explored and discussed during the talk.
 
TAGS
Artifical intelligence, cognitive cyber security, machine learning
Ilia Kolochenko, CEO & Founder, High-Tech Bridge
 
 

13:30

Lunch break


14:30

Geo-politics and Cyber Security

The world is changing, the rhetoric between nations is getting sharper and trade wars are accelerating, and as a result the need for transparency from global IT companies is increasing. At Kaspersky Lab we welcome this need, and want to lead by example with our Global Transparency Initiative. In this presentation you will learn about Kaspersky Lab’s Transparency Center which is scheduled to open in Europe before end of 2018.
 
TAGS
Geopolitics, global transparency initiative
Leif Jensen, General Manager of Nordic&Baltic, Kaspersky Lab
 
 

15:00

Using Behaviour Based Detection to Defeat Attackers & Insider Threats

If an attacker were in your network right now, could you see them? Behavioural based detection allows you to answer this question with confidence. These methods of detection rely on advanced machine learning which produces sophisticated alerts with low false positives. Learn how your security team can use automation to battle against modern attackers and insider threats and get detection back under your control.
 
TAGS
Cyber security, network security, behaviour based detection
Harri Ruuttila, Specialist Systems Engineer – Behavioral Analytics and Logging, Palo Alto Networks
 
 

15:30

Security Testing: Lies, Truths and Little Secrets They Never Told You, from 20+ Years of Field Experience

 
TAGS
Application security, software security, security testing, workshop
Raoul “Nobody” Chiesa, President/ founder, Security Brokers ScPA
 
 

16:00

Coffee break

 

16:30

TOP 10 Ways to Make Hackers Excited: All About The Shortcuts Not Worth Taking

Designing a secure architecture can always be more expensive, time-consuming, and complicated. But does it make sense to cut corners when hackers invent new attacks every day? Taking shortcuts will sooner or later translate to more harm and backfire.
Read more
Come to the session and learn what mistakes we eliminated when working with our customers.
 
TAGS
Live hacking demo, workshop

Tom Nowakowski,
Security Expert, CQURE
 
 

17:30

Panel Discussion

(participants will be updated, stay tuned)

 

18:00

Closing

 

Venue: Conference hall A

Moderator Kristīne Laure


TIME
SESSION
 

12:00

Barracuda CloudGen Firewall, SD-WAN and WAF security: Protection and Performance in the Cloud Era

Barracuda’s Cloud Generation Firewalls redefine the role of the Firewall from a perimeter security solution to a distributed network optimization solution that scales across any number of locations and applications, connects on-premises and cloud infrastructures, and helps organizations transform their business. Barracuda SD-WAN reduces costs and ensures application availability. Barracuda Web Application Firewall secures Your Web Apps On-Premises and in the Cloud. A comprehensive web application security platform that secures your apps, defends against bots and DDoS attacks, and accelerates application delivery.

 
TAGS
Network security, cloud, web application firewall
Michael Rumak, Channel and Business Development Manager CEE, Barracuda
 
 

12:30

New security solutions for next generation of IT

Migration to Cloud will challenge traditional perimeter security solutions. How to protect organisation from phishing, ransomware and other threat in tomorrows IT environment.
 
TAGS
Cyber threats, future, cloud, ransomware
Leo Lahteenmaki, Consulting Systems Engineer at Cisco Systems, Cisco
 
 

13:00

How A Cyber Secure Culture Can Be Created On Your Organisation

Engaging organisations on cyber security is a major focus across the cyber security Industry.
An efficient cyber security network is reliant upon both regulated and maintained technological defences and the engagement and cooperation of organisation staff at all levels from the ground up. Maintaining a secure network is reliant upon human engagement, increasingly amongst industries and individuals that have not previously faced a cyber threat. This session will focus on how cyber security risks should be addressed to departments within an organisation, and how cyber security can be built into a company mentality. Key topics that workshop participants will focus on include:

· How cyber security concerns can be presented to target department priorities
· How cyber awareness can be developed on an individual basis
· Building an atmosphere of cyber security amongst departments
· Understanding how IT professionals can positively reinforce best practice

 
TAGS
– – – – – – – – – –
Mauro Alberto Brignoli, Solution manager, Cyber & Intelligence competence centre
 
 

13:30

Panel discussion/ Lunch


14:30

Practical Approach to NIS Directive’s Incident Management

NIS Directive adopted this year by EU countries in local cybersecurity law requires mandatory incidents reporting. The organizations covered by NIS Directive should take appropriate measures to prevent and minimize the impact of incidents as well as notify the authority.
During the lecture the participants will learn:
– How to resolve the problem of breach detection gap – long time the attackers stay undetected,
– How to utilize Flowmon’s network behavior analysis to enrich security monitoring of systems where active protection is risky,
– How to practically prepare for the incidents response and automate key activities and processes.
 
TAGS
EU NIS directive, network security, incident management
Mariusz Stawowski, Technical director, Clico / Flowmon
 
 

15:00

Detecting the Unknown

With the incidents of cyber-attacks growing every year, no organization regardless of size or industry is safe from the risk of a data breach. It is no longer a question of if your company will be attacked but when and if so will you notice the attack? We will investigate how tools like EDR and Next generation endpoint protection can help to protect and understand the risks that organizations face on a daily basis. And how to stay one step ahead not one step behind.
 
TAGS
UTM, endpoint security, network security
Alexander Hägglund, Sales Engineer Nordics and Baltics, Sophos
 
 

15:30

Network is the Firewall

Juniper Software-Defined Secure Networks solution utilizes switching infrastructure to secure the whole network.
 
TAGS
Network security, switching infrastructure, security management
Martti Saramies, Senior Partner Account Manager, Juniper
 
 

16:00

Coffee break

 

16:30

Botprobe – Reducing Network Threat Intelligence Big Data

IPFIX is the ratified standard for flow export. IPFIX was designed for security processes such as threat detection, overcoming the known drawbacks of network management based NetFlow. One major enhancement in IPFIX is template extensibility, allowing traffic capture at layers 3 through 7 of the OSI model. This talk introduces IPFIX and describes the creation of BotProbe – an IPFIX template specifically designed to capture botnet traffic communications from the analysis of almost 20 million botnet flows. BotProbe realises a 97% reduction in traffic volumes over traditional packet capture. Reduction of big data volumes of traffic not only opens up an opportunity to apply traffic capture in new areas such as pre-event forensics and legal traffic interception, but considerably improves traffic analysis times. Learn how IPFIX can be applied to botnet capture and other security threat detection scenarios.
 
TAGS
IPFIX, threat detection, network security, forensics

Adrian Winckles,
Cyber Lead & Director, Cyber Security & Networking Research Group
 
 

 

 

Venue: Conference hall B

Moderator Artūrs Cers


TIME
SESSION
 

12:00

Protect your web application with Machine Learning and Security Fabric – “set and forget” WAF

Fortinet was the first security vendor to release machine learning capable WAF with high usability to finally have “set and forget”.
 
TAGS
Network security, web application firewall, application security, machine learning
Timo Lohenoja, Systems Engineer Finland and the Baltics, Fortinet
 
 

12:30

How to Discover Vulnerabilities in Business and Mission Critical Systems

Security audit of critical systems is big challenge – how to safely audit the systems where services continuity is the highest priority? Normal pen-testing methods in banking transaction servers, healthcare and SCADA systems are not acceptable as little disruption of these systems can have severe consequences.
During the lecture the participants will learn:
– What are the possibilities for auditing the security of environments where active security pen-testing methods are risky,
– What are the real and (unfortunately) effective techniques of breaking into critical systems like SCADA,
– How to use dedicated Rapid7 tools to safely audit the security of critical systems, i.e. Nexpose authenticated scans, soft VA in SCADA scanning profile.
 
TAGS
SCADA, vulnerability management, metasploit, pentesting, application security, critical infrastructure
Mariusz Stawowski, Technical director, Rapid 7
 
 

13:00

Transform Your Enterprise Branch with Secure SD-WAN

SD-WAN replaces separate WAN routers, WAN optimization, and security devices with a single solution that is application-aware, offers automatic WAN path control and multi-broadband support. It improves application performance, reduces WAN Operating expenses and minimizes management complexity.
 
TAGS
WAN, network security, security management
Timo Lohenoja, Systems Engineer Finland and the Baltics, Fortinet
 
 

13:30

Lunch break


14:30

QRadar: A Look Ahead

QRadar is the #1 security intelligence platform on the market and we continue to innovate in order to help our customers stay ahead of threats. In this session you will learn about key innovations that we have added to the product in 2018, and new capabilities that we plan to add in 2019 and beyond.
 
TAGS
SIEM, SOC, security intelligence, UBA, log management, machine learning, IBM Watson AI
Mark Ehr, Program Director, IBM Security
 
 

15:00

Forensic Tool Development with Rust

The study evaluates the suitability of the Rust ecosystem for forensic tool development. As a case study a forensic tool named Stringsext is developed. Starting from analysing the specific requirements of forensic software in general and those of the present case study, all stages of the software development life-cycle are executed and evaluated.

Stringsext is a reimplementation and enhancement of the GNU-strings tool, a widely used program in forensic investigations. Stringsext recognizes Cyrillic, CJKV East Asian characters and other scripts in all supported multi-byte-encodings while GNU-strings fails in finding these in UTF-16 and other encodings. During the case study it has become apparent that the Rust ecosystem provides good support for secure coding principles and unit testing. Furthermore, the benchmarks showed a satisfactory performance of the resulting Stringsext binaries comparable to the original C version.
Read more

 
TAGS
RUST, cyber security network forensics, live demo
Jens Getreu, Early Stage Researcher, Information Security Expert, Tallinn Technical University
 
 

15:30

Securing Hybrid and Multi Cloud Deployment

Security must be designed into every business system and business process that is deployed to cloud. Responsibility lies not only with the Cloud Service Provider and security teams, but also with DevOps and operations teams who are charged with confirming appropriate security controls are used.
Organizations are challenged to cover the bases. Further, organizations struggle to attract and retain cloud security talent to design, build and manage appropriate security operations. At IBM, providing comprehensive solutions for securing customers’ cloud deployments is our specialty. At this session, we will share insights into cloud security challenges and how IBM meets customers’ demanding security and compliance requirements—and in many cases helps them improve their security posture over existing methods.
Read more
 
TAGS
Cloud security, devops, security operations centre
Robert L Kennedy, Security Consultant, IBM
 
 

16:00

Coffee break

 

16:30

Patching: Answers to the Questions You Probably Were Afraid To Ask About Oracle Security Updates

How often should I apply security and other patches my Oracle RDBMS? Or my Grid Infrastructure? Should I even bother? Nothing will happen if I don’t, right? How difficult is it, if I do? How long will the downtime be? Will I break something? And will I be able to fix the thing I broke by applying an update? I applied the last patch 10 years ago, what has changed since? These and more questions I will answer during my presentation. This will be useful for new DBAs seeking their peace of mind during security patching process when their manager is standing behind their back with the stopwatch.
 
TAGS
Oracle RDBMS, Oracle grid, database security

Juris Trošins,
Senior DBA, DBA Competence Center
 
 
 

Venue: Conference hall C

Moderator Liene Birze-Andersone


TIME
SESSION
 

12:00

How to Maintain Business Equality Secured in Network and Cloud

How to maintain business equally secured in corporate network and cloud
• Adaptive Security Architecture
• CASB – Cloud Access Security Broker
 
TAGS
Cloud security, network security
Harri Hämäläinen, Territory Manager Finland & Baltic countries, McAfee
 
 

12:30

Protecting Digitalization With Information Security

Network Security is like No Security. When you are trying to secure a network you do nothing to secure the data that network contains. All you are doing is securing access to a network and it is all too easy to penetrate networks. So it is now time to move on beyond single-point solutions to holistically address data privacy threats. Micro Focus offers a variety of solutions that you can use to protect your company’s digital assets. Come and learn what are the modern tools to protect your valuable data, either on premises, on cloud or hybrid. This session is all about how to protect your Users, Apps, & Data.

 
TAGS
Network security, data security, application security
Jari Salokannel, Information Security Architect, CISSP, C|EH Micro Focus Security Baltic and Nordic Countries
 
 

14:30

The Artificial Reality of Cyber Defence

With the growing online availability of attack tools and services, the pool of possible attacks is larger than ever. Let’s face it, getting ready for the next cyber-attack is the new normal! This ‘readiness’ is a new organizational tax on nearly every employed individual throughout the world.
Amazingly enough, attackers have reached a level of maturity and efficiency – taking advantage of the increased value and vulnerability of online targets, and resulting in a dramatic increase in attack frequency, complexity and size. In order to fight evolving threats, organizations need to implement the most adequate security solutions to fully protect against new threats and all types of attacks. Attackers are deploying multi-vector attack campaigns by increasing the number of attack vectors launched in parallel. In order to target an organization’s blind spot, different attack vectors target different layers of the network and data center. Even if only one vector goes undetected, then the attack is successful and the result is highly destructive.
Read more
 
TAGS
DDoS, WAF, critical infrastructure, cyberwar
Fabio Palozza, EMEA pre sales director, Radware
 
 

13:30

Panel Discussion / Lunch


14:30

Addressing E-Identity Business Challenges

1. Importance of personal and corporative e-identity to replace outdated solutions
2. Retaining business efficiency during customer behavior digitalization
3. Security vs Convenience during digital customer on-boarding
4. Practical use cases in Baltics

Underestimation of e-identity of companies. how can you satisfy customers’ needs on convenience and simplicity, yet not make a trade-off on security? While choosing a solution, attention must be paid to the service quality, e.g. what is the availability and assurance level, does the service comply with international regulations – can it be used locally or across borders.

 
TAGS
 
Georg Nikolajevski, Trust Services Sales Manager, SK ID Solutions/ Estonian ICT Cluster
 
 

13:00

MLM (multi-level malware) or how to look at company users with new eyes.

Statistics say that a large number of breaches and cyber threats come from within’ the company. And in most cases we assume it is just lack of knowledge from employees. But what if that was not true? How can we determine malicious intent versus lack of knowledge when it comes to insider threats? This presentation will talk about MLM (multi-level malware) and why this business proposition, although unreal, should make IT Managers change their perspective about company employees and their use of company resources.
 
TAGS
– – – – – – – – – –
Tudor Florescu, Sales Engineer, Bitdefender
 
 

15:30

The Future of PKI. Using Automation Tools and Protocols To Bootstrap Trust in Dynamic Environment

Everyone can observe PKI infrastructure in action when accessing website secured with SSL/TLS. It ensures encryption of communication and trust between two parties. But what is going on behind the scene?
Responsible person needs to take care of the certificate which is installed on the server: initial request from authorities which takes time, expiration monitoring, reminders and timely renewal. Now think what happens when you have hundreds, thousands of servers? Your servers are in Cloud environment, created dynamically? It is required to renew certificates more often? This talk will share insights into way of implementing automated tools and protocols to establish trust and achieve end-to-end encryption within the environment at German Telecom provider.
Read more
 
TAGS
– – – – – – – – – –
Anton Krupskyi, Security analyst, Accenture Latvia
 
 

16:00

Coffee break

 

16:30

Having SOC and SIEM capacity planning under control

Influence of the SOC and SIEM to the processes of the organization is a rapidly evolving area. New situations arise while even existing knowledge requires more proof. More and more business processes begin to depend on security risks managed by SOC. How organization could approach SOC and SIEM planning and what others do?
 
TAGS
– – – – – – – – – –

Andris Bariss,
Senior consultant, Analytica
 
 

 

 

Venue: Conference hall D

Moderator Linda Bondare


TIME
SESSION
 

12:00

How to Discover If Your Mobile Phone Has got a Spyware?

After the Hacking Team’s leak, the Snowden Case, and others “Dark Entities”, it just looks like the whole world suddenly realized that mobile phones can be intercepted. Malware, spyware, key loggers…. there’s plenty of choice for the cybercriminals, your competitors, your wife, whoever. This presentation will provide a high-level view on the topic, with real life evidences, advices and tips, from our field experiences in the Mobile & Digital Forensics world. We will analyze a Mobile File System and where into the File System it’s possible to find mobile spysoftwares. In the last part of the presentation there will be a special “Blue pill” focused on Mobile Forensics onto Crypto Phones.

 
TAGS
– – – – – – – – – –
Selene Giupponi, Founder & Head of Digital Forensics Unit, Security Brokers ScPA
 
 

12:30

Secure enterprise mobility

The presentation will describe today challenges in enterprise mobility. During the presentation it will be presented how to secure and effectively manage mobile devices and at the same time keep user privacy and high performance of the solutions.
 
TAGS
– – – – – – – – – –
Pawel Sniecikowski, Senior Technical Account Manager, Samsung R&D Institute Poland
 
 

13:00

Secure Enterprise Messaging and Crisis Communication

– The benefits of enterprise messaging for productivity and security
– The next level of enterprise messaging with innovative crisis communication features for emergencies and critical events,
– Important uses cases of alerting for IoT, ecosystem integrations and chat bots.
 
TAGS
– – – – – – – – – –
Tobias Stepan, Managing director, Teamwire
 
 

13:30

Lunch break

 

14:30

Let’s hack your mobile device. / Yes, we can. And many other do.

[…..]
 
TAGS
——
Tommi Kallberg, Mobile Security Engineer, Checkpoint / Opticom
 
 

15:00

Informācijas drošības kultūra [Latviski]

Prezentācijā tiks apskatīti tehnoloģiju ietekme uz kopējo drošības kultūru organizācijā un tās saistību ar stratēģisko un biznesa mērķu sasniegšanu. Pamatprincipi un darbinieku lomas drosības kultūras apzināšanā un ieviešanā. Cilvēku paradumu izmaiņu ietekme uz uzvedības kultūru un motivācija ievērot vai neievērot zināmus drošības noteikumus.

 
TAGS
– – – – – – – – – –

Egils Stūrmanis, Development project manager, CERT.lv

Deivids Golubs, Member of the board, ISACA Latvia chapter

 

15:30

Changing the Playground of Cyber Security Trainings

Starting from complex technical exercises to regular user trainings we offer novel approach to cyber security trainings. This is made possible thanks to our vast experience, unique technology and focus. At the heart of our philosophy in developing products and services is a firm belief that cyber security is not merely a technical problem; it is not a problem that can be solved only by more boxes, servers, routers or software.
It is humans at every level starting from strategic decision makers to technical response teams to ordinary users who all play a role in finding the solution. The only way to make it all work is to play. Welcome to the new playground.
Read more
 
TAGS
– – – – – – – – – –
Klaid Magi, VP of Threat Intelligence, Cybexer Technologies
 
 

16:00

Coffee break

 

16:30

Cyber security training workshop I

[……]
 
TAGS
– – – – – – – – – –
Team Cybexer Technologies
 
 

17:00

Cyber security training workshop II

[……]
 
TAGS
– – – – – – – – – –
Team Cybexer Technologies
 
 
 
 

Venue: Room 078

Moderator Deniss Čalovskis


TIME
SESSION
 

12:00

Services evolution in cybercrime economics

It’s not a secret that Cybercriminals are always one step ahead of the cybersecurity industry. This industry works mostly reactive fixing emerged problems. For the last 10 years, cybercriminals have evolved from small business models and communities to almost totally independent ecosystem. One of the main powers moving cybercrime forward is revenue generation. The cybercrime economy nowadays is very close to contemporary capitalism. Shifting focus on cybercrime revenue legalization may change illegal act detection to a new level.
 
TAGS
– – – – – – – – – –
Deniss Čalovskis, CEO, IT Eksperts
 
 

12:30

Cyber Crime as a Startup

Startups are seen as newly born companies with new exiting business models, technical innovation and novel service solutions. But what it takes to have a cyber crime as a startup. Presentation looks at the threshold, business accelerator and incubator opportunities for aspiring new cyber criminals. Also on how to crowdsource for ideas, rise money from angel investors and other sources and how to take the market by the storm. In short how cyber crime can be a startup.
 
TAGS
– – – – – – – – – –
Thea Sogenbits, Partner at Smart Service Solutions, Head of Curriculums of IT, Estonian Entrepreneurship University of Applied Sciences
 
 

13:00

Big Data, Small Wars and a New Sense of Vulnerability

[…..]
 
TAGS
– – – – – – – – – –
Felipe Pathé Duarte, Consultant / Professor (PhD), Visionvare/ The Higher Institute of Police Sciences and Internal Security
 
 

13:30

Lunch break

 

14:30

IoT Technologies for Context-Aware Security

The introduction of IoT technology in businesses and private households have resulted in a number of spectacular security failures that have impacted both individuals and large sections of the Internet, e.g. the Dyn cyberattack in October 2016 was caused by the Mirai botnet which exploted a vulnerability online consumer devices such as IP cameras and home routers. On the other hand, IoT devices may provide input to context-aware security mechanisms that implement continuous zero-interaction authentication, secure localization services, and help protect against social engineering (e.g. tailgating and shoulder surfing). The focus of this presentation will be on the exiting security technologies made possible by a secure IoT infrastructure.
 
TAGS
– – – – – – – – – –
Christian Damsgaard Jensen, Associate Professor, Head of Cyber Security Section, Technical University of Denmark
 
 

15:00

North European Cyber Security Cluster- Example of the Regional Trust Platform for the Europe

How to form the trust among of different organization in order to make Cybersecurity Cluster
– What type of challenges and bottlenecks are faced
– Story of Finnish Cybersecurity Cluster, FISC
– How to make “cluster of clusters” – joint influencing towards Europe, North European Cybersecurity Cluster, NECC
– Where are we heading together
 
TAGS
– – – – – – – – – –
Juha Remes , CEO/Executive Director, Cyber Labs/ FISC
 
 

15:30

Lawyers in the Cyberworld: Good, Bad or Useless

The early era of the cyber world included many idealists who hoped for a whole new reality, a global community without borders and free from regulations and rules. Instead we have a reality where crime, warfare, propaganda and surveillance have moved to the cyber world and authorities struggle to make sense of a reality where rule making, ethics and law enforcement appear to have been privatised and handed over to a handful of dominant private firms. Is legal regulation a help or hindrance? Can it have any relevance or had that train left a long time ago?
 
TAGS
– – – – – – – – – –
Katrin Nyman Metcalf, International consultant, expert in legal aspects of e-governance and ICT, space law, cyberspace law, visiting professor.
 
 

16:00

Coffee break

 

16:30

Crime Pays: Feasibility of a Cybercrime

There is much talk about the loss caused by the cybercrime but not as much about the profits made. This presentation looks at the crime opportunities, feasibility of a cyber crime, related risks and return of investment and what their potential target organizations can do with that knowledge.
 
TAGS
– – – – – – – – – –
Thea Sogenbits, Partner at Smart Service Solutions, Head of Curriculums of IT, Estonian Entrepreneurship University of Applied Sciences
 
 

17:00

European Cyber Security Industrial Landscape: the Needs for Multiscale Public- Private Partnership

[…..]
 
TAGS
– – – – – – – – – –
Danilo Delia, Senior policy manager, European Cyber Security Organisation
 
 
 
 

Venue: Virtaka lecture room

Moderator Martin Maasik / Anna Vladimirova-Krjukova


TIME
SESSION
 

10:00

F-Secure Rapid Detection and Respond Service Detect and Respond to Human-conducted Attacks

We will talk about the basic background and need of detection and response services and then show some simulated scenarios of breaching a network and how detection and response is really needed to support your preventive layers for security.
 
TAGS
– – – – – – – – – –
Jarno Niemelä, Principal Researcher, F-Secure
Ian Whiteside, Region Sales Director, F-Secure
 
 

11:00

Coffee break

 

12:00

Honeypots: Setting the Perfect Trap

If you have ever looked at logs of a machine left open to the world-wide networks you know that hacking attempts are highly frequent. Most of these are not sophisticated – portscans and credential bruteforce attempts dominate the lot, as it is something that can be easily automated and applied to large blocks of public addresses. Such techniques, commonly used for initial system compromise, do not seem to change much over time, but what happens if a probe succeeds and provides an attacker with access to the system? You would not want to find out from your own experience. Honeypots are one of the few ways to study attacker behaviour on a compromised system. This talk will introduce this concept, contemplate potential uses is defensive and offensive security, as well as provide some guidance for designing and configuring your own honeypot.
TAGS
– – – – – – – – – –
Alise Silde, Application security lead, Accenture
 
 

12:30

Proactive Security: The Opensource Security Testing Methodology Manual (OSSTMM) from ISECOM

 
 
TAGS
– – – – – – – – – –
Raoul “Nobody” Chiesa, President/Founder, Security Brokers ScPA
 
 

13:00

Fatal Signs: 10 Symptoms When You Think You’ve Been Hacked

We all need the mandatory checklist of places to verify in case of being hacked or… at least when we are in doubt. It is all about these ‘little things and details’. For a hacker it is enough to get only one of them exploited, for Administrators, it is so much harder – they need to know them all.
What’s worse: they need to check them all! There are some OS behaviours that could indicate that there is something currently active, how can we spot what exactly is that? We will look at the places used by the system to store such information. Surprisingly your disk drive contains a lot of juicy information that can reveal a lot of secrets and history about what has happened did in the past. There are also places where data can be deliberately hidden by malicious software and it would be great to know what those are! During this session, you will become familiar with the symptoms that could indicate that have been hacked and tools and techniques to spot this kind of activities. You will also learn how you can mitigate hackers to exploit discussed OS areas.
Read more
 
TAGS
– – – – – – – – – –
Tom Nowakowski, Security Expert, CQURE
 
 

14:00

Lunch break

 

14:30

Application Honeypot Threat intelligence

The goal of the OWASP Honeypot Project is to identify emerging attacks against web applications and report them to the community, in order to facilitate protection against such targeted attacks. Within this project, Anglia Ruskin University is leading the collection, storage and analysis of threat intelligence data.
The purpose of this part of the project is to capture intelligence on attacker activity against web applications and utilise this intelligence as ways to protect software against attacks.
Honeypots are an established industry technique to provide a realistic target to entice a criminal, whilst encouraging them to divulge the tools and techniques they use during an attack. Like bees to a honeypot. These honeypots are safely designed to contain no information of monetary use to an attacker, and hence provide no risk to the businesses implementing them.
The honeypots in VM, Docker or small computing profiles like Raspberry Pi, employ ModSecurity based Web Application Firewall technology using OWASP’s Core Rule Set pushing intelligence data back to console to be converted to STIX/TAXII format for threat intelligence or pushed into ELK for visualisation.
The project will create honeypots that the community can distribute within their own networks. With enough honeypots globally distributed, we will be in a position to aggregate attack techniques to better understand and protect against the techniques used by attackers. With this information, we will be in a position to create educational information, such as rules and strategies, that application writers can use to ensure that any detected bugs and vulnerabilities are closed.
Read more
 
TAGS
– – – – – – – – – –
Adrian Winckles, professor, Anglia Ruskin University
 
 

15:00

Breaking Modern SSL Encryption By New Approach

 
TAGS
– – – – – – – – – –
Ibrahim Kistak, Ethical Hacker and Founder, SECBIZ IT Security
 
 

15:30

Hacking The Chrome Browser and Gaining Full Access To The Target Device

 
TAGS
– – – – – – – – – –
– – – – – – – – – –
Jean Pascal Pereira, Ethical Hacker and Founder,SECBIZ IT Security
 
 

16:00

Coffee break

 

16:30

Ethical Hacker in Action Part 1

TAGS
– – – – – – – – – –

Peter Gubarevich, IT Training Expert, New Horizons

 
 

17:00

Ethical Hacker in Action Part 2

TAGS
– – – – – – – – – –

Toms Pēcis,
CISO, Analytica