cybercrime security forum

Transform your organization and stay secure

Digitizing without compromising on security? Discover how at The Cyber Security Sessions on 1 and 2 February 2018.

Digitization is increasingly a condition for success, as technology-driven companies like Uber, Coolblue and Airbnb have shown time and again. That is reason enough for many organizations to start a digital transformation of their own, so they can react instantly to trends, meet specific customer requirements and launch new business models.

But one aspect is often overlooked during digitization: data security. Is data security keeping pace with these digital transformations? That is crucial, because digital processes generally handle all kinds of personal data: not only customer and supplier data from business systems, but also big data from sensors and the Internet of Things.

New innovations and external influences weigh heavily on the impact of digital transformation. New possibilities mean new ways of doing business and will inevitably challenge the security strategy. Besides new innovations, new government rules like the GDPR are affecting the way you do business and will change how you stay secure. Threats keep multiplying and it is no longer clear who is attacking whom. This requires a security-centric approach in which people and companies work together to keep themselves and each other safe.

How can security become a fixed part of your digital transformation? That question is the central focus of the 2018 Cyber Security Sessions: ‘Transform your organization and stay secure’.

Challenge

The role of the CISO is changing dramatically. Where cybersecurity used to be a concern of IT professionals, it is now a joint concern of the whole organization, including the C-level. The CISO needs to advise the board on cybersecurity strategy and must be increasingly aware of new IT challenges and solutions. The IT and security professional needs insight in order to advise the CISO. Together they must make sure the company is safe and secure, and it is essential that they all speak the same language and share the same cybersecurity concerns.

WHO SHOULD ATTEND?

The Cyber Security Sessions are intended for IT professionals, security experts, IT managers, CISOs and CIOs who want effective cyber security, want to make employees security-aware and want to learn what to do once a network has been penetrated. All technical aspects of protecting your network as effectively as possible will be discussed, as well as red teaming, responsible disclosure and supplier security. The deep-dive hacking track goes one step further from a technical point of view.

DATE

1 & 2 February 2018

FEE

€ 1.195 (excl. V.A.T.) for two days

VENUE

CineMec
Berlijnplein 100
3541 CM Utrecht, the Netherlands

Registration is no longer possible.


SPEAKERS

Edwin van Andel - CEO, Zerocopter

Edwin van Andel, better known as @Yafsec, was born on a late November day in the excellent wine year 1970 and immediately started pushing buttons from his crib. After working with different companies around the globe, in 2003 he started his own company, Yafsec, with the sole purpose of guiding companies and IT dealers through the dark woods of the ever-evolving security forest. In 2016 he joined Zerocopter, where he mostly works on publicly expanding their continuous security platform. He won the Lightning Talks at BruCON 2013 and organizes the alternative NCSC conference “because no hackers were invited”, #ALT-S.

Henk Boot - Security Operations Center Lead, Dutch National Police

Henk Boot, Security Operations Center Lead for the Dutch National Police, says: “The police Security Operations Center (SOC) monitors the cybersecurity of the ICT Department networks and systems.
The SOC applies a number of tools, one of which is SIEM (Security Incident and Event Management). This tool is based on so-called use-cases (such as malware tracking and authentication tracking) which are adjusted to the specific police environment. The SOC identifies threats to the police organization and translates these into use-cases.”

Mark de Groot - Team lead REDteam, KPN

Mark de Groot leads the ethical hacking team of KPN and specializes in advanced ethical hacking exercises in which physical, human and cyber security come together to simulate various types of attack.

Oscar Koeroo - Security strategist, KPN

Oscar Koeroo has worked in the cyber security field for 15 years, in roles ranging from software engineer to policy maker and advisor. Oscar specializes in applied cryptography and trust modeling. Drawing on his broad technical experience, he advises on securing networks, infrastructures, platforms and applications. Currently he is focusing on Post Quantum Cryptography solutions and SDN/NFV.

Ralf Willems - Senior Security Officer KPN CISO, KPN

Ralf Willems is an experienced information security executive operating at a senior level at KPN, where he is the liaison between executive management and the CISO Office. He acts as a trusted advisor, picking up security signals and managing expectations towards stakeholders to realise an optimum level of security.

Andres Rutkens - Advisor social engineering, Stichting CHORUS

Counter Social Engineering: How knowledge empowers and wisdom is liberating!

This talk will take you on a journey to the dark side of global networks, where it comes down to access, connectivity and, in the end, money and power. Hackers find themselves at a fairly young age in the wild west called the internet, where it is unclear whether someone is an unwitting spectator, participant, manipulator or being manipulated… You will get inside information on how social engineering actually works and why it is so successful. Prepare for the future, where technology will be bypassed through human manipulation, and liberate yourself from the manipulative methods being used!

Wilbert Pijnenburg - BeOne Development

Wilbert Pijnenburg has studied broad information security issues since 1996 and was previously Director for the Benelux at InfoSecure. During the past 10 years he has implemented countless awareness projects, both nationally and internationally, in a wide range of market segments. Wilbert has an entirely unique vision of effective security awareness.

Michael Jankowski-Lorek - Data scientist and security expert, CQURE

Mike is a solution architect, developer, data scientist and security expert with more than 12 years’ experience in the field. He designs and implements solutions in the database, network and management areas, mainly on the Microsoft platform, for medium-sized to enterprise-level organizations. Mike holds multiple certifications, especially in security, databases and software development. He is currently finishing a PhD thesis in which he combines academic knowledge, professional experience and technical skills.

Greg Tworek - CQURE

Greg has worked with Windows security since the very beginning of his professional career. He started as a system administrator, then moved on to consultant, IT manager and chief information security officer (CISO). Now he is mainly responsible for the consulting services delivered worldwide by CQURE. He has access to the Windows source code.

Michiel Broekhuijsen - Trainer, Global Knowledge

After 20 years as an ICT professional I have discovered that being a trainer gives me a real sense of fulfillment. As a trainer I bring complexity back to its essence and make it practical, drawing on my experience in various ICT domains. My focus areas include digital security (cyber, information and IT) and cloud computing.

Eward Driehuis - Chief Research Officer, SecureLink

Eward Driehuis is SecureLink’s Chief Research Officer. An IT veteran of over 20 years with a background in design, he has a passion for security, innovation and asking the “why” question, and has years of experience fighting cybercrime with banks, law enforcement and corporates globally. Eward is an established speaker at international events such as RSA and FS-ISAC. His CV includes roles as CTO and Business Director in software and IT. Before SecureLink he spent 8 years at Fox-IT heading up their threat intelligence and advanced analytics products.

Erwin Paternotte - Lead Security Consultant, Nixu Corporation

Erwin Paternotte has 15 years of experience in conducting penetration and security tests, during which he has tested a great variety of systems and environments. In recent years his focus has shifted to the more advanced tests, such as red teaming, embedded systems and ICS/SCADA. He is the Practice Lead for penetration and security tests within Nixu, focusing on quality and the development of new services.

Wim Remes - CEO & Principal Consultant, Wire Security

Wim is the founder of and principal consultant at Wire Security, based in Belgium. He leverages 15+ years of security leadership experience to advise clients on reducing their risk posture by solving complex security problems and by building resiliency into their organizations.

Wim delivers expert guidance on reducing the high cost of IT security failures, both financially and in terms of brand reputation, combining his deep expertise in network security, identity management, policy design, risk assessment and penetration testing to develop innovative approaches to enterprise security.

Before starting Wire Security, Wim was active as Manager Global Services EMEA at Rapid7. Previously, he has worked as managing consultant at IOActive, as manager of Information Security for Ernst and Young and as a security consultant for Bull, where he gained valuable experience building security programs for enterprise class clients.

Wim has been engaged in various infosec community initiatives such as the co-development of the Penetration Testing Execution Standard (PTES), InfosecMentors and organizing the BruCON security conference. He has been a featured speaker at international conferences such as Excaliburcon (China), Black Hat Europe, Source Boston, Source Barcelona and SecZone (Colombia).

Eelco Stofbergen - Cyber Security & IT Risk leader, CGI

Eelco Stofbergen is a Cyber Security and IT Risk leader with 15+ years of industry experience in cyber security and information risk management. He leads the development and delivery of innovative cybersecurity services and solutions. As Director Cyber Security at CGI he advises organizations on cyber security and crisis management. Eelco previously worked at the Dutch National Cyber Security Centre.

Ruben van Vreeland - CEO, Bit Sensor

Ruben van Vreeland is a young veteran ethical hacker. With BitSensor he has given security advice to some of the largest web platforms, such as LinkedIn, eBay, Indiegogo and Marktplaats.nl. Today Ruben speaks at major conferences such as Hack In The Box/HAXPO, where he spoke on advanced XSS, j-Fall, GOTO Amsterdam and Berlin, Holland Strikes Back, and more.
With BitSensor he has created a radically new approach to fighting attacks on web platforms using embedded security, and was named best entrepreneur by Sprout in the 25 under 25 category.

Adrianus Warmenhoven - Security Evangelist, RedSocks Security

Adrianus Warmenhoven has been involved in pioneering endeavours in IT since the early 1990s. He helped set up firsts in Dutch anti-cybercrime and the branch organization for ISPs, was CTO of one of the first free ISPs in the Netherlands, co-designed supercomputing hardware and ran projects for Dutch governmental organizations. For various international companies he has done security reviews and advised on how to deal with active threats and extortion. He is now affiliated with RedSocks as security evangelist and develops academic classes in hacking.

Programme Cyber Security Sessions 2018

Cyber Security as a Strategy and as a Technical Challenge

A wide range of topics will be covered at the Cyber Security Sessions, from both a strategic and a technical point of view; our two tracks have you covered. In the Cyber Security as a Strategy track, managers learn through interactive talks about the different cybersecurity aspects of their organization. In the Cyber Security as a Technical Challenge track we teach you about the latest developments in cybercrime and the solutions you can use to defend your organization.

Track: Cyber Security as a Technical Challenge

The anonymity of a cyber-attack – Mark de Groot, team lead REDteam KPN             

Looking to understand how hackers and other attackers use cyber technology to attack your network and your executives? In this session we take a deep dive into how hackers combine the physical, human and cyber elements into the perfect attack. With some tangible examples you will learn their secrets and how you can manage and mitigate the risk.

Cryptography & telcos: the impact on society – Oscar Koeroo, security strategist KPN   

Cryptographic solutions are a fundamental part of society. Our society relies heavily on a functional digital trust system. How does ‘trust’ work, how do tools establish trust, and what does it mean to lose it? In this talk, the severity of the problem will be addressed and solutions proposed on how to solve or mitigate risks and prevent a crisis.

CSI windows – Mike Jankowski-Lorek, solution architect, developer, data scientist and security expert CQURE

An attacker got into your infrastructure, exploited a server misconfiguration, created themselves an account and… This is the moment we wonder what else could have happened beyond what we see, and whether it is possible to trace back the hacker’s activities in our systems. By performing several analyses, we are able to gather enough evidence of the malicious actions performed. This type of monitoring is also useful for the regular investigation of what happened in a system, not only from the attacker’s perspective. This session is a deep dive into the monitoring world. Be prepared for a hard-core technical ride.
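The SOC use-cases Henk Boot mentions in his speaker bio (authentication tracking) and the trace-back this session describes come down to the same thing: correlating Windows Security log events. The Python below is an added example, not code from the page, from CQURE or from the Dutch National Police. The event IDs are the standard Windows ones (4625 failed logon, 4624 successful logon, 4720 user account created); the event records are constructed for the example and the thresholds are assumptions a SOC would tune to its own environment.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Standard Windows Security log event IDs.
FAILED_LOGON = 4625   # An account failed to log on
LOGON = 4624          # An account was successfully logged on
USER_CREATED = 4720   # A user account was created

# Assumed thresholds (the page gives none); a SOC tunes these per environment.
FAIL_THRESHOLD = 5                       # failures from one source against one account...
FAIL_WINDOW = timedelta(minutes=5)       # ...within this window, followed by a success
FOLLOWUP_WINDOW = timedelta(minutes=30)  # account creation this soon afterwards is suspicious

# Constructed sample records: (timestamp, event id, host, source IP, account, target account).
SAMPLE_EVENTS = [
    ("2018-02-01 09:00:01", 4625, "FS01", "10.0.5.23", "svc_backup", None),
    ("2018-02-01 09:00:03", 4625, "FS01", "10.0.5.23", "svc_backup", None),
    ("2018-02-01 09:00:05", 4625, "FS01", "10.0.5.23", "svc_backup", None),
    ("2018-02-01 09:00:07", 4625, "FS01", "10.0.5.23", "svc_backup", None),
    ("2018-02-01 09:00:09", 4625, "FS01", "10.0.5.23", "svc_backup", None),
    ("2018-02-01 09:00:12", 4624, "FS01", "10.0.5.23", "svc_backup", None),
    ("2018-02-01 09:04:40", 4720, "FS01", "10.0.5.23", "svc_backup", "helpdesk2"),
    ("2018-02-01 09:10:00", 4625, "WS17", "10.0.8.4", "jdoe", None),   # benign typo
    ("2018-02-01 09:10:20", 4625, "WS17", "10.0.8.4", "jdoe", None),
    ("2018-02-01 09:10:35", 4624, "WS17", "10.0.8.4", "jdoe", None),
    ("2018-02-01 11:30:00", 4720, "DC01", "10.0.1.10", "admin.it", "newhire"),  # normal admin work
]


def parse(record):
    ts, event_id, host, src, account, target = record
    return {"time": datetime.strptime(ts, "%Y-%m-%d %H:%M:%S"), "id": event_id,
            "host": host, "src": src, "account": account, "target": target}


def detect(records):
    """Run the two use-cases over the records and return the alerts they raise."""
    events = sorted(map(parse, records), key=lambda e: e["time"])
    recent_failures = defaultdict(deque)  # (src, account) -> times of 4625s inside the window
    suspicious_logons = {}                # (host, src) -> time of a flagged 4624
    alerts = []
    for ev in events:
        window = recent_failures[(ev["src"], ev["account"])]
        while window and ev["time"] - window[0] > FAIL_WINDOW:
            window.popleft()              # expire failures older than the window
        if ev["id"] == FAILED_LOGON:
            window.append(ev["time"])
        elif ev["id"] == LOGON:
            if len(window) >= FAIL_THRESHOLD:
                alerts.append({"rule": "brute-force-then-success", "time": ev["time"],
                               "host": ev["host"], "src": ev["src"],
                               "account": ev["account"], "failures": len(window)})
                suspicious_logons[(ev["host"], ev["src"])] = ev["time"]
            window.clear()                # a success resets the counter
        elif ev["id"] == USER_CREATED:
            flagged_at = suspicious_logons.get((ev["host"], ev["src"]))
            if flagged_at is not None and ev["time"] - flagged_at <= FOLLOWUP_WINDOW:
                alerts.append({"rule": "account-created-after-suspicious-logon",
                               "time": ev["time"], "host": ev["host"], "src": ev["src"],
                               "account": ev["account"], "target": ev["target"]})
    return alerts


def timeline(records, src):
    """Forensic view: everything one source IP did, in order, as readable lines."""
    names = {FAILED_LOGON: "failed logon", LOGON: "logon", USER_CREATED: "created account"}
    lines = []
    for ev in sorted(map(parse, records), key=lambda e: e["time"]):
        if ev["src"] != src:
            continue
        what = names.get(ev["id"], f"event {ev['id']}")
        extra = f" -> {ev['target']}" if ev["target"] else ""
        lines.append(f"{ev['time']:%H:%M:%S} {ev['host']} {what} as {ev['account']}{extra}")
    return lines


if __name__ == "__main__":
    for alert in detect(SAMPLE_EVENTS):
        print(alert)
    print("\n".join(timeline(SAMPLE_EVENTS, "10.0.5.23")))
```

The first rule is the authentication-tracking use-case; the second chains it to account creation, which is the step the abstract stops at. Note what the correlation key is: the password-guessing success and the 4720 are tied together by host and source address, not by account name, because the intruder will not create the new account under a name you are already watching.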

Adventures in Underland: Is encryption solid as a rock or a handful of dust? – Greg Tworek, Director CQURE

Encryption rests on three principles: algorithm, key length, and storage. It has also become more popular and is more often built into databases, networks, config files, the OS and users’ secrets. Are DPAPI and DPAPI-NG enough for us? Unfortunately there are many slip-ups that can be made. Come and learn whether ‘encrypted’ = or != ‘safe’, and when!

Stretching your database beyond datacentre: deep-dive into features of hybrid environment – Mike Jankowski-Lorek

Hybrid IT infrastructure is the future of IT environments: it combines the security of keeping your data on premises with the high availability and resiliency of cloud solutions. In this session you will learn how to securely integrate your on-premises SQL Servers with Azure SQL Database and SQL Server on Azure VMs. We will focus especially on the new SQL Server Stretch Database feature, which makes warm and cold data available to users at low cost. This will be an intense, demo-filled session with a strong focus on data security at all times.

Explore Adventures In The Underland: Forensic Techniques Against Hackers Evading The Hook – Greg Tworek

Cybercrime is a very lucrative business, not just because of the potential financial return but because it is quite easy to get away with. Sometimes hackers get caught, but most of the time they still run free. When it comes to the operating system and after-attack traces, things are not that bad, as all traces are gathered in one place: your infrastructure. Even though hackers use techniques to remain on the loose, forensic techniques make it possible to gather evidence that demonstrates what actually happened.

Hacking the IOT – Mattijs van Ommeren, Principal Security Consultant Nixu Corporation

Content to follow

Pentesting is dead, long live pentesting – Mattijs van Ommeren, Principal Security Consultant Nixu Corporation

Content to follow

Keynotes

The truth about responsible disclosure and bug bounty – Edwin van Andel, CEO Zerocopter

In the ever-changing security landscape we are slowly seeing a shift from labelling hackers by default as ‘bad and malicious individuals’ to accepting them more often as ‘useful and potentially friendly’. More and more companies are starting a bug bounty and/or a Responsible Disclosure (coordinated vulnerability disclosure) program.

In this interactive and mostly humorous talk Edwin will start by defining security (in a grotesque way), followed by the ‘real’ definition of hackers, the way hackers think and work, and how companies can make use of them instead of fearing them. He’ll show how bug bounties and responsible disclosure processes can work, but also how they sometimes do not. Edwin will take the audience along the path to these failures and discuss how we can, or could have, improved these processes. His final ‘calculation’ will even try to open the door to a safer online world (from a hacker’s point of view, that is). 😉

Securing DevOps teams is challenging – Ruben van Vreeland, CEO BitSensor

With DevOps, investment in code yields a higher return because new features can be released to production in real time. This is made possible by automated tests, which are hard to write for security. So you have to choose: a lower return on investment in features and losing customers by delaying deployments, or risking data breaches in functionality that went live untested. With real-time instrumentation you can transparently isolate attackers from real customers, moving the attack traffic to the audited version of an application while real customers get access to the latest features.
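The routing the abstract describes, as an added example in Python; this is not BitSensor’s product or code from the page. A small instrumentation hook sits in front of two builds of the same search endpoint: requests carrying an attack probe, and every later request from that client, are served by the reviewed build, while everyone else gets the build that just shipped. The product table, the attack patterns, the client addresses and both handlers are constructed for the illustration.

```python
import re
import sqlite3

# Constructed product catalogue shared by both application versions.
_DB = sqlite3.connect(":memory:")
_DB.execute("CREATE TABLE products (name TEXT, price INTEGER)")
_DB.executemany("INSERT INTO products VALUES (?, ?)",
                [("laptop", 900), ("laptop bag", 40), ("mouse", 15)])

# Instrumentation: parameter values that look like attack probes (illustrative list).
ATTACK_PATTERNS = [re.compile(p, re.IGNORECASE) for p in (
    r"'\s*(or|and)\s+\S+\s*=\s*\S+",   # SQL tautology such as ' OR 1=1
    r"union\s+select",                 # SQL union-based extraction
    r"<script\b|javascript:",          # reflected XSS probes
    r"\.\./",                          # path traversal
)]


def looks_like_attack(params):
    """True if any request parameter matches a known attack pattern."""
    return any(p.search(v) for v in params.values() for p in ATTACK_PATTERNS)


def audited_search(params):
    """The reviewed build: a single parameterised query and nothing else."""
    rows = _DB.execute("SELECT name, price FROM products WHERE name LIKE ?",
                       ("%" + params.get("q", "") + "%",)).fetchall()
    return {"version": "audited", "results": rows}


def latest_search(params):
    """The build the DevOps team just pushed: the same search plus a new,
    not yet security-reviewed 'suggestions' feature."""
    response = audited_search(params)
    response["version"] = "latest"
    response["suggestions"] = [name for (name,) in _DB.execute(
        "SELECT name FROM products ORDER BY price DESC LIMIT 2")]
    return response


class Router:
    """Serve each request from the build that matches the client's behaviour."""

    def __init__(self):
        self.flagged = set()  # clients pinned to the audited build

    def handle(self, client, params):
        if client not in self.flagged and looks_like_attack(params):
            self.flagged.add(client)  # stays pinned for the rest of the session
        if client in self.flagged:
            return audited_search(params)
        return latest_search(params)


if __name__ == "__main__":
    router = Router()
    print(router.handle("203.0.113.7", {"q": "laptop"}))      # customer: latest build
    print(router.handle("198.51.100.9", {"q": "' OR 1=1"}))   # probe: audited build
    print(router.handle("198.51.100.9", {"q": "laptop"}))     # same client: still audited
```

The attacker still receives a normal-looking response, so the routing is transparent to them; they just never reach the code that has not been reviewed. The pattern list is the crude part: in a real deployment the flagging comes from instrumentation inside the application rather than from a handful of regexes, and that is the part the talk is about.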

Track: Cyber Security as a Strategy

Continuous Red Teaming – Henk Boot, Security Operations Center lead, Dutch National Police

The term “computer fraud” was used before cybercrime became common. In the course of the 40 years I have been active in IT, I have seen a great deal of computer fraud, and now cybercrime. I will provide a few examples of computer fraud and cybercrime through the decades. With the increased threat level – criminals have exchanged a mouse for the old crowbar – defenses must keep pace. Actually – defenses should anticipate the threat. Of course we have set up an SOC or CSIRT to monitor our IT environment and respond to an incident when it occurs. But this is a reactive response, and not nearly efficient enough to protect against current threat levels. What about pen testing?  That is not enough either. The scope is too narrow and it provides only a momentary snapshot. What is really needed is Continuous Red Teaming where a distinct team is assigned to attack the IT environment and the Blue Team on a 24/7 basis, because that is what cybercriminals do. What are the advantages of this approach? How do you set it up, and are the costs acceptable?

Transform your organization and stay secure – Eelco Stofbergen, Cyber Security & IT Risk leader CGI

Transform your organization and stay secure – Digital transformation of the government and enterprise market is increasing dependency on technology and data, and with it vulnerability to cyber attacks. This demands a different approach to information security and to the way it is embedded in an organization.

Supplier security – Ralf Willems, Senior Security Officer KPN

Businesses are already struggling to protect their digital supply chain from dynamic cybercrime organisations that continue to grow in sophistication and efficiency. How do you translate your security standard effectively into concrete requirements for your suppliers?

The actionable psychology of social engineering: how knowledge empowers and wisdom is liberating! – Andres Rutkens, Advisor social engineering Insite Security

This talk will take you on a journey to the dark side of global networks, where it comes down to access, connectivity and, in the end, money and power. Hackers find themselves at a fairly young age in the wild west called the internet, where it is unclear whether someone is an unwitting spectator, participant, manipulator or being manipulated.

Security Awareness – Wilbert Pijnenburg, Aware24

It is considered common knowledge: “humans are the weakest link”. We have made great strides in managing our technology, but know that when digital transformation occurs we also have to focus on our employees. However, this area is much less concrete and many organizations struggle to determine what an effective awareness program should look like. This presentation describes the successful aspects of an effective security awareness program. Why is it a bad idea to call our employees “the weakest link”? How can we empower our employees and bring them back into focus?

Cybersecurity and ransomware – Eward Driehuis, Chief Research Officer Securelink

SecureLink’s Chief Research Officer shares interconnected war stories on the underground, ransomware and geopolitical threats, extrapolates their impact and risk to your organization, and indulges in a small peek into the future.

Security in the cloud – Michiel Broekhuijsen, Trainer Global Knowledge

As powerful as cloud computing is for the organization, understanding its information security risks and mitigation strategies is critical. Legacy approaches are inadequate, and organizations need competent, experienced professionals equipped with the right cloud security knowledge and skills to be successful.


Security awareness escape room

If you live in the world of securing bits and bytes, take a moment to learn about the other side of security: the human world. In the escape room you will gain insight into different aspects of cyber security, such as secured networks, encrypted passwords, viruses and worms, and counter-hacking. You have to make safe and unsafe choices based on real-life situations. Whether you make the right choices or not, you will learn more about how to make your organization more secure. The escape room can be entered by 3-6 people. After registering you will get the option to book a time slot for the escape room.

Day 1

Technology Track

9.00 - 10.00 Keynote: Eelco Stofbergen

Info will follow

10.00 - 11.00 Keynote: Edwin van Andel

The truth about responsible disclosure and bug bounty – Edwin van Andel, CEO Zerocopter

11.00 - 11.30 Break
11.30 - 12.30 The actionable psychology of social engineering: how knowledge empowers and wisdom is liberating!

Andres Rutkens, Advisor social engineering – Stichting CHORUS

12.30 - 13.30 Lunch
13.30 - 14.30 CSI Windows

Mike Jankowski-Lorek, solution architect, developer, data scientist and security expert CQURE

14.45 - 15.45 Stretching your database beyond datacenter: deep-dive into features of hybrid environment

Mike Jankowski-Lorek, solution architect, developer, data scientist and security expert CQURE

15.45 - 16.00 Break
16.00 - 17.00 Keynote: Ruben van Vreeland

Securing DevOps teams is challenging – Ruben van Vreeland, CEO BitSensor

17.00 Drinks & Bites

Strategy Track

9.00 - 10.00 Keynote: Eelco Stofbergen

Info will follow

10.00 - 11.00 Keynote: Edwin van Andel

The truth about responsible disclosure and bug bounty – Edwin van Andel, CEO Zerocopter

11.00 - 11.30 Break
11.30 - 12.30 Cryptography & telcos: the impact on society

Oscar Koeroo, security strategist KPN

12.30 - 13.30 Lunch
13.30 - 14.30 Pentesting is dead, long live red teaming?!

Erwin Paternotte, Lead Security Consultant Nixu Corporation

Companies conduct penetration tests on a regular basis, yet we still hear about hacked companies in the news almost every day.
Why is that?
In response, there has been a noticeable shift in recent years from penetration tests towards red team tests. More and more customers ask for a red team test, but in practice there is much confusion about what such a test actually entails. To create some order in the chaos, we look at the shortcomings of penetration tests and the differences between penetration tests and red team tests. We then discuss a framework for conducting red team tests.

14.45 - 15.45 Supplier security

Ralf Willems, Senior Security Officer KPN

15.45 - 16.00 Break
16.00 - 17.00 Keynote: Ruben van Vreeland

Securing DevOps teams is challenging – Ruben van Vreeland, CEO BitSensor

17.00 Drinks & Bites

Day 2

Technology Track

09.00 - 09.45 Keynote: Henk Boot

Continuous Red Teaming – Henk Boot, Security Operations Center lead, Dutch National Police

09.45 - 10.30 Keynote: Eward Driehuis

Cybersecurity and ransomware – Eward Driehuis, Chief Research Officer Securelink

10.30 - 11.00 Break
11.00 - 12.00 Security in the cloud

Michiel Broekhuijsen, Trainer Global Knowledge

12.15 - 13.00 Adventures in Underland: Is encryption solid as a rock or a handful of dust?

Greg Tworek, Director CQURE

Encryption is based on three principles: algorithm, key length, and storage. It has also become more popular and is more often built into databases, networks, config files, the OS, and users' secrets. Are DPAPI and DPAPI-NG enough for us? Unfortunately there are many slip-ups that can be made. Come and learn whether 'encrypted' = or != 'safe', and when!

Stretching your database beyond the datacentre: deep-dive into features of the hybrid environment – Mike Jankowski-Lorek

Hybrid IT infrastructure is the future of IT environments.

13.00 - 14.00 Lunch
14.00 - 15.00 Explore Adventures In The Underland: Forensic Techniques Against Hackers Evading The Hook

Greg Tworek, Director CQURE

Cybercrime is a very lucrative business, not just because of the potential financial return, but because it is quite easy to get away with. Sometimes hackers get caught, but most of the time they still run free. When it comes to the operating system and post-attack traces, it is not that bad, as all traces are gathered in one place: your infrastructure. Even though hackers use techniques to remain on the loose, it is possible, using forensic techniques, to gather evidence in order to demonstrate what actually happened.

15.45 - 16.00 Break
16.00 - 17.00 The anonymity of a cyber-attack

Mark de Groot, Team Lead Red Team, KPN

Looking to understand how hackers and other attackers use cyber technology to attack your network and your executives? In this session we take a deep dive into how hackers combine the physical, human and cyber elements into the perfect attack. With some tangible examples you will learn their secrets and how you can manage and mitigate the risk.

17.00 Drinks & Bites

Strategy Track

09.00 - 09.45 Keynote: Henk Boot

Continuous Red Teaming – Henk Boot, Security Operations Center lead (see abstract above)

09.45 - 10.30 Keynote: Eward Driehuis

Cybersecurity and ransomware – Eward Driehuis, Chief Research Officer SecureLink (see abstract above)

10.30 - 11.00 Break
11.00 - 12.00 Security Awareness

Wilbert Pijnenburg, BeOne Development

It is considered common knowledge: “humans are the weakest link”. We have made great strides in managing our technology, but know that when digital transformation occurs we also have to focus on our employees. However, this area is much less concrete and many organizations struggle to determine what an effective awareness program should look like. This presentation describes the successful aspects of an effective security awareness program. Why is it a bad idea to call our employees “the weakest link”? How can we empower our employees and bring them back into focus?

12.15 - 13.00 Hacking the IoT

Alexander Värä, Head of Industrial Internet, Nixu Corporation

The prediction of all the products in the world being connected is getting closer year by year. The estimates on how many connected devices there will be in 2020 range from 30 billion to over 200 billion. No matter what forecast will end up being true, the fact is that there are tremendous business opportunities in IoT.

In order to help companies identify IoT cybersecurity risks, there is a pioneering event called TheWreckathon, where companies can evaluate the security of their products and services, learn hands-on about product penetration testing, security- and privacy-by-design concepts, all in 30 hours. With the new hacking event concept, the goal is to raise the profile of security culture in the IoT domain and showcase how IoT products can be secured. In addition, the wreckathon is an excellent opportunity to challenge cyber security experts with cutting edge technologies in a private Bug Bounty type of event, which feeds the curiosity and enthusiasm of the best professionals in Europe.

13.00 - 14.00 Lunch
14.00 - 15.00 How to lose the war

Adrianus Warmenhoven, Security Evangelist RedSocks Security

Within organizations, most security efforts are bottom up; i.e. the work floor needs to secure everything first, then the next layer and so on. However, the more sophisticated attacker, especially the one that has done the homework and knows an organization better than the average HR staffer, will attack top down.

Why? Well, first and foremost because of what is mentioned in the first paragraph; the bottom up thing.

The reasons for securing bottom up can be many; going from laziness (“it will take a while before it is my turn”), via information overload (“when they get to me, the smart people will have figured out what to do and when”) to management bluster (“I am the boss, why should I be constrained?”). And of course, there are ample ‘good’ reasons (although I have yet to hear these…). And attacking is always a ‘least effort first’ game. And with all the awesome pivoting opportunities nowadays, most of the time it is ‘figure out who is the boss, get his/her info and game on!’.

As an employee, if you see many issues and you report them, will you, at one point, be ‘that guy’ and be ignored or even side-tracked? Or will you be shouted at and be told that you have no ‘permission’ to do that? Even though your valid counter is that no evil attacker ever asks for permission (well, if they do, they usually know they will get it).

As an outsider, who do you talk to? Who do you trust? If you mention it to someone that has it in for the boss… can you trust them not to use the trail you left to incriminate you?

Let’s start from a single point: if your boss has no way to send securely encrypted messages, you have already lost the war.

15.45 - 16.00 Break
16.00 - 17.00 Let’s talk about risk!

Wim Remes, CEO, Principal Consultant, Wire Security

Green, yellow, red. With some shades in between, this is how information security has been looking at risk for the longest time, and it just doesn’t work. We are supporting businesses and executives. They have to make decisions based on the information we provide. It is time we start speaking their language: money. In this talk I will walk you through the basics of the FAIR risk management framework and show how we can move to a fully quantified risk management approach that not only involves, but actually empowers the business.


17.00 Drinks & Bites