Sign up now to reserve your space and get:
|13:30 - 13:40||
|13:40 - 14:25||
Towards better cyber security resilience through professional attack simulation - Tom Van de Wiele
Cyber attacks are still an inconvenient fact for a lot of organizations. Different strategies are being adapted on how to be better informed about what needs protecting against, what the newest attack scenarios are, and how to get a handle on them. But do they actually work, and at what cost? After all the risk, governance, and compliance models are rolled out. After all hardening has taken place and all check boxes have been ticked, the fact of the matter is that the map will never be the terrain. Only combined with bespoke and professional attack simulation is it possible to evaluate the sum of all security controls and whether an organization can endure and ultimately learn from a real attack on their path to better and more cost-efficient cyber resilience. Organizations cannot afford a lack of creativity when it comes to the latest attacks and adapting the wrong strategy can make all the difference between a business-as-usual incident meeting on a random Tuesday or being front-page news for a week.
This presentation will entail how adversary simulations take place, what organizations are trying to do to protect themselves better and what the trade-offs are when performing the preparation and execution of attack simulations. A number of use cases will be used as examples such as ransomware simulation as well as targeted attack simulation of various kinds.
|14:35 - 15:20||
Here today, gone tomorrow: the survival techniques your organization needs to withstand a cyber attack - Jesper Gerved
Our rapid digitalization makes our business operation more and more dependent on technology. Major cyber incidents have unfortunately become a new normal in our world, with adversaries becoming more and more targeted, professional, and innovative. New cyber regulations are arriving in multiple industries like e.g. TIBER and DORA.
All of this puts traditional security practices under pressure while driving up cyber security costs.
Jesper will discuss the shortcomings of traditional approaches to cybersecurity and give his perspective on how to adapt existing ways of working with cyber security in order to be better equipped for further digitalization given the current threat landscape and new trends in legislation:
|15:30 - 16:15||
Effectively Securing a Cloud Migration - Nick Jones
The cloud market is now worth an estimated $240 billion a year and counting, with many organizations adopting a "cloud-native" or "cloud-first" strategy going forward. However, a lot of organizations are encountering a range of challenges as part of that migration. Security, risk management, and other critical business functions often do not have the skills or the bandwidth to keep up with the engineering teams driving the business forward.
Nick will share many of the common pitfalls and mistakes organizations make as they move to the cloud, and highlight some key steps to take to ensure that such a transition is undertaken securely and effectively. This will include:
Managing Consultant, Security & Risk Management Consulting, F-Secure DK/SE
Jesper is the Managing Consultant for the Security & Risk Management practice at F-Secure Consulting. Jesper has 15+ years of experience from working in large global organizations and in global consultancies assisting clients on shaping and driving business transformation projects within IT and IT security. Jesper’s competence in using his technical background to understand the IT and IT security-related challenges combined with his business mindset and communication skills enable him to interact with clients across the complete organization from the board of directors to technical IT and IT security staff.
Senior Security Consultant, Cloud Security Lead, F-Secure
Nick is a senior security consultant at F-Secure Consulting, where he has delivered a range of assessment types for clients for the past five years. Nick currently leads F-Secure's cloud security team, in addition to developing and delivering attack detection services. His research time is spent developing tools and techniques for assessing, exploiting, and defending cloud deployments. Nick currently holds AWS Certified Security Specialty and OSCP certifications.
Tom Van de Wiele
Principal Security Consultant, F-Secure Cyber Security Services, F-Secure
Tom is Principal Cyber Security Consultant at F-Secure with nearly 20 years of experience in information security. He specializes in red team operations and targeted penetration testing for the financial, gaming, and service industry. When not breaking into banks Tom acts as an adviser on topics such as critical infrastructure and IoT as well as incident response and cyber crime.