F-Secure Consulting Event

How organisations build resilience against today's attackers

11 March 2021

13:30 - 16:15

Virtual Client Briefing, Copenhagen, Denmark

Join us for this virtual client briefing where we will share our insights from F-Secure Consulting. Sign up now and join us for a virtual briefing on 11 March from 13:30 to 16:15 CET.

Join us for our virtual client briefing where F-Secure Consulting will share insights on cloud security and how to build cyber resilience. The agenda is set for you to attend the complete briefing or just pick and attend some of the agenda sessions. Sign up now to reserve your space and get: 

  • Technical and business insights
  • Practical recommendations
  • Trends in the cloud risk and threat landscape
  • Threat intelligence revealing the capabilities you need to maintain resilience
  • High-quality, insight-led content
  • An opportunity to consider new ways of thinking

Agenda

13:30 - 13:40 Welcome
13:40 - 14:25

Towards better cyber security resilience through professional attack simulation, by Tom Van de Wiele

Cyber attacks are still an inconvenient fact for a lot of organisations. Different strategies are being adapted on how to be better informed about what needs protecting against, what the newest attack scenarios are and how to get a handle on them. But do they actually work, and at what cost? After all the risk, governance and compliance models are rolled out. After all hardening has taken place and all checkboxes have been ticked, the fact of the matter is that the map will never be the terrain. Only combined with bespoke and professional attack simulation is it possible to evaluate the sum of all security controls and whether an organisation can endure and ultimately learn from a real attack on their path to better and more cost efficient cyber resilience. Organisations cannot afford a lack of creativity when it comes to the latest attacks and adapting the wrong strategy can make all the difference between a business-as-usual incident meeting on a random Tuesday or being front page news for a week.

This presentation will entail how adversary simulations take place, what organisations are trying to do to protect themselves better and what the trade-offs are when performing the preparation and execution of attack simulations. A number of use cases will be used as examples such as ransomware simulation as well as targeted attack simulation of various kinds.

14:35 - 15:20

Here today, gone tomorrow: the survival techniques your organization needs to withstand a cyber attack, by Jesper Gerved

Our rapid digitalization makes our business operation more and more dependent on technology. Major cyber incidents have unfortunately become a new normal in our world, with adversaries becoming more and more targeted, professional and innovative. New cyber regulations are arriving in multiple industries like e.g. TIBER and DORA. 

All of this puts traditional security practices under pressure while driving up cyber security costs. 

Jesper will discuss the shortcomings of traditional approaches to cybersecurity and give his perspective on how to adapt existing ways of working with cyber security in order to be better equipped for further digitalization given the current threat landscape and new trends in legislation:

  • How can we build a culture of inspiring each other and getting inspired by each other across countries, industries and even among business competitors
  • How can cyber resilience and compliance with regulations be improved and maintained through rainbow teaming, incorporating the key aspects from purple teaming and red teaming exercises while improving communication and understanding of threats and risks among the stakeholders in IT, Business and management.
  • How can executing cyber transformation become more agile to increase speed from initiative to execution and why are continuous cyber transformation the new norm 
15:30 - 16:15

Effectively Securing a Cloud Migration, by Nick Jones

The cloud market is now worth an estimated $240 billion a year and counting, with many organisations adopting a "cloud-native" or "cloud-first" strategy going forward. However, a lot of organisations are encountering a range of challenges as part of that migration. Security, risk management and other critical business functions often do not have the skills or the bandwidth to keep up with the engineering teams driving the business forward.

Nick will share many of the common pitfalls and mistakes organisations make as they move to the cloud, and highlight some key steps to take to ensure that such a transition is undertaken securely and effectively. This will include:

  • How the security landscape changes, compared to traditional on-premises networking
  • Key security controls to implement as part of a cloud migration to defend against common breach scenarios
  • Scaling your cloud security controls and processes across a large organisation
   

Each session consists of a 30 minutes presentation followed by a Q&A session. This enables you to get an insight into the specific topic and to bring forward the questions my might have. Sign up now. We will soon share the link to the event platform.

Speakers

Jesper Gerved
Managing Consultant, Security & Risk Management Consulting, F-Secure DK/SE

Jesper is the Managing Consultant for the Security & Risk Management practice at F-Secure Consulting. Jesper has 15+ years of experience from working in large global organisations and in global consultancies assisting clients on shaping and driving business transformation projects within IT and IT security. Jesper’s competence in using his technical background to understand the IT and IT security related challenges combined with his business mindset and communication skills enable him to interact with clients across the complete organization from board of directors to technical IT and IT security staff.

Nick Jones
Senior Security Consultant, Cloud Security Lead, F-Secure

Nick is a senior security consultant at F-Secure Consulting, where he has delivered a range of assessment types for clients  for the past five years. Nick currently leads F-Secure's cloud security team, in addition to developing and delivering attack detection services. His research time is spent developing tools and techniques for assessing, exploiting and defending cloud deployments. Nick currently holds AWS Certified Security Specialty and OSCP certifications.

Tom Van de Wiele
Principal Security Consultant, F-Secure Cyber Security Services, F-Secure

Tom is Principal Cyber Security Consultant at F-Secure with nearly 20 years of experience in information security. He specializes in red team operations and targeted penetration testing for the financial, gaming and service industry. When not breaking into banks Tom acts as an adviser on topics such as critical infrastructure and IoT as well as incident response and cyber crime.

Register

This event has passed. Please register for one of our upcoming events.

Can't attend? Subscribe to our latest insights and upcoming events in your country.

Accreditations & Certificates

F-Secure Consulting (F-Secure Cyber Security (Pty) Ltd) is a level 4 contributor to B-BBEE with a procurement recognition level of 100%. Learn more and download our B-BBEE certificate. Click here to read the press release.

Follow us
@fsecure_consult F-Secure-Consulting f-secure-foundry fsecurelabs