qubit conference...2 qb c prague 2019 | www. qubitconference.com page no meet the speaking bureau of...
TRANSCRIPT
1
ww
w.q
ub
itconferen
ce.com | Q
uB
it Con
ference PR
AG
UE 2019
1 Page No
QuBit ConferencePRAGUE 2019APRIL 10 - 11 2019 | HOTEL INTERNATIONAL PRAGUE
Universe of Cyber Security
PROGRAM GUIDE
2
Qu
Bit
Con
fere
nce
PR
AG
UE
2019
| w
ww
.qu
bit
con
fere
nce
.com
Page No
MEET THESPEAKING BUREAU of QuBit Conference Prague 2019
Every year, QuBit Speaking Bureau handles the most important part - to find and put together an impressive list of speakers and topics.
RICHARD KISKOVACHead of Speaking Bureau, Independent Cyber Security Consultant
Slovakia
IVAN MAKATURAExecutive consultant, IBM Security Services,Chairman of Cybersecurity Association
Slovakia
PETR KUNSTATIT Security Consultant at Micro Focus
Czech Republic
VACLAV MACHCEO of Czech Publishers’ AssociationCzech Republic
3
ww
w.q
ub
itconferen
ce.com | Q
uB
it Con
ference PR
AG
UE 2019
3 Page No
PRE-CONFERENCE TRAININGS
ANDROID REVERSE ENGINEERING9 APRIL 2019 | PRAGUE
Smartphones and mobile devices are the essential part of our life nowadays. Even the attackers and criminals have realized that and they are targeted these platforms more often. While the principles of analysing and preventing this kind of malicious activities remain similar, the technologies, tools and possibilities of malware can differ.
This training covers fundamentals of the reverse engineering of the mobile applications for Android platform. We aims to decompiling and understanding the mobile apps written in Java and also the native code in shared objects, especially for ARM architecture.
We will introduce a little bit theory about development and components of the Android applications and ARM assembly. During training, the participants will see the tools suitable for behavioral analysis and instrumentaion of the suspicious samples, reverse engineering the Java apps and native code. We will spent a lot of time by practical hands- on with analysing the prepared CTF application utilizing various principles using by the real malware samples.
After this training, participants should be able to understand the design of the Android apps including the native libraries. They also sould be able to read the ARM assembly and reverse engineering the mobile apps from APK sample to Java code and/or ARM assembly services
Duration: 8 hours including lunch break and two 15-minutes coffee breaks Number of attendees: Up to 20 attendees TRAINER: Ladislav Baco & Jan Kotrady Security Analyst, CSIRT.SK
TARGET AUDIENCE: l Malware analysts, security specialists, incident handlers, software developers and enthusiasts with technical skills
PREREQUISITES:
The participants should:l Be familiar with Linux command-line
l Be able to create simple programs (variables, conditions, for-cycles, functions) at least in one scripting language, e.g. Python
l Have a little bit experience with X86 assembly
l Linux laptop with at least 8GB of RAM, 20 GB of free space on HDD/ SSD and installed VirtualBox (64-bit edition)
4
Qu
Bit
Con
fere
nce
PR
AG
UE
2019
| w
ww
.qu
bit
con
fere
nce
.com
Page No
INFORMATION SECURITY RISK MANAGEMENT WORKSHOP9 APRIL 2019 | PRAGUE
In this course students will learn the practical skills necessary to perform regular risk assessments for their organizations. The ability to perform risk management is crucial for organizations hoping to defend their systems. There are simply too many threats, too many potential vulnerabilities that could exist, and simply not enough resources to create an impregnable security infrastructure. Therefore, every organization, whether they do so in an organized manner or not, will make priority decision on how best to defend their valuable data assets. Risk management should be the foundational tool used to facilitate thoughtful and purposeful defence strategies.
Duration: 8 hours
Number of attendees: Up to 20 attendees TRAINER: Ivan Makatura
Executive Consultant at IBM Security Chairman of the Board, Association
of Cybersecurity
TARGET AUDIENCE: l Security specialists, security architects, security engineers, compliance directors, manager l Data protection officers l Operational Risk management
l Compliance managers l Information assurance management l Staff responsible for IT Service Management processes
PREREQUISITES:
A basic understanding of information security and information security management topics is helpful for students attending this class. However a strong background in any of these skills is not a pre-requisite for the class. In the class students will be taught a step by step approach for performing a risk assessment regardless of their technical information security or management background.
5
ww
w.q
ub
itconferen
ce.com | Q
uB
it Con
ference PR
AG
UE 2019
5 Page No
SECURITY INFORMATION & EVENT MANAGEMENT (SIEM)9 APRIL 2019 | PRAGUE
Security operations nowadays, do not suffer from a “Big Data” problem but rather a “Data Analysis” problem. Monitoring tools became an inevitable part of the IT world. Those, who do not use automatic tools for evaluating events and incidents, can’t expect and guarantee adequate level of security. Let’s face it, there are multiple ways to store, process and analyze large amounts of data without any real emphasis on gaining insight into the information collected.
Training provides holistic approach to security management. We aim to provide in – depth insight into SIEM technology.
All participants stand to gain valuable insights:
l In-depth knowledge of what SIEM technology is and how to implement, configure and fine-tune SIEM technology l Solid understanding of how to use SIEM capabilities for business intelligence l Hands-on experience with how to deploy SIEM technologies (various log types analysis, how to process unknown logs, regex practice, incident investigation a analysis, rules creation,..) l Insight into how to monitor, identify, document and respond to security threats and reduce false-positive alerts l Thorough understanding of compliance reporting and documentation
Duration: 8 hours including lunch break and two 15-minutes coffee breaks
Number of attendees: Up to 20 attendees TRAINER: Pavol Dovicovic
Head of Information Security and Infrastructure, EMM
TARGET AUDIENCE: l Security specialists, security architects, security engineers, compliance directors, manager l Data protection officers l Operational Risk management
l Compliance managers l Information assurance management l Staff responsible for IT Service Management processes
PREREQUISITES:
Notebook with Windows or Linux,at least 8 GB of RAM
6
Qu
Bit
Con
fere
nce
PR
AG
UE
2019
| w
ww
.qu
bit
con
fere
nce
.com
Page No
SOLUTION CENTER
APRIL 10-11, 2019 |
INTRODUCING SPONSORS AND THEIR SOLUTIONS
SCHEDULEApril 10: April 11:
10:30 - 17:00
9:30 - 15:0010:00 - 10:30 LIGHTNING TALKS Solution Center Opening
DEMO CORNER presentations
DEMO CORNER presentations
QUBIT CONFERENCE ADD-IN EVENT
Our Solution Center partners present demonstrations and their original know-how on specific issues you are facing on a daily basis.
Network Visibility, Security & Analytics in practice. In Solution Center will be able to see, among other things, various case studies focused on: 1. Encrypted Traffic Alalyses for Cryptographic Assessment & Management 2. Early Detection of Cryptojacking 3. End-to-end monitoring of public cloud / cloud applications 4. Flowmon IDS 5. Early detection of threats regarding NISD & GDPR ... And many others.”
Excalibur utilizes the mobile phone to act as a secure hardware token for any and all authentication and authorization needs inside of the enterprise. The ultimate goal is to move all forms of authentication and authorization away from passwords, replace them seamlessly with smartphone-based strong but user-friendly multi-factor authentication. Excalibur unique value is in providing backward compatibility with all the applications, Operating Systems (OS) and services the enterprise uses today thus creating a bridge between the password-based present day and password-free future.
Our pioneering Security Operating Platform emboldens our customers’ digital transformation with continuous innovation that seizes the latest breakthroughs in security, automation, and analytics. By delivering a true platform and empowering a growing ecosystem of change-makers like us, we provide highly effective and innovative cybersecurity across clouds, networks, and mobile devices. We are present in Eastern Europe since 2014 with native sales, marketing, services and support teams.
CYBER LAB DEMONSTRATIONS: DIFFERENT APPROACHES TO EVERYDAY SECURITY CHALLENGES
8
Qu
Bit
Con
fere
nce
PR
AG
UE
2019
| w
ww
.qu
bit
con
fere
nce
.com
Page No
TRACK A TRACK B
9:00 - 9:10Conference Opening
Maria Kalicakova I QuBit Security | Zdenek Hrib I Mayor of Prague
9:10 - 10:00 Case study: Nation State Attack APT10 – Operation Cloud Hopper Opening Keynote
Ondrej Krehel & Jean Gobin I LIFARS
10:00 - 10:30 Solution center Opening - Lightning talks10:30 - 11:1510:30 - 10:40
10:40 - 11:15
Cryptocurrencies: 10 years laterJarek Jakubcek I Europol
PROJECT “TIERCEL”Viktor Paggio I NUKIB
Big Data in the service of Czech GovCERTLadislav Straka I SANDS
11:15 - 11:30 Coffee Break
11:30 - 12:15 Defensive deception - a hole as a security control Alex Lozikoff I Softprom
How to Test Artificial Intelligence? Can artificial intelligence cheat us? Marek Zeman & Peter Kopriva I Tatra banka
12:15 - 13:00 We Pass the Costs to You! An analysis of Cryptomining and CryptojackingJosh Pyorre I CISCO
Machine learning on the field of Threat HuntingGergo Gyebnar I Black Cell
13:00 - 14:00 Lunch14:00 - 14:20 Securing Online Transactions on the Edge
Chris Adam I Cloudflare
14:20 - 14:50 FIRE CHAT JOHN FRANCHI I former U.S. GOVERNMENT
14:50 - 15:20 Future of security technologies panel discussion
Moderator: Josh Pyorre I CISCOPanelists: Michal Drozd I GREYCORTEX, Pavol Dovicovic I EMM
15:20 - 15:35 Evil Qubits - The Threat of Quantum Cryptanalysis Explained Tomas Rosa I Raiffeisen BANK
Don’t Acquire Your Next Breach:Managing the Vendor Risk Lifecycle Linda Thielova I OneTrust
15:35 - 15:50 Coffee Break
15:50 - 16:20 Cybercriminal’s mind - The anatomy of a targeted attack
Jiri Vanek I Unicorn
The Good, the Bad and the Ugly of Millions of Security Alerts Nadav Avital I IMPERVA
16:20 - 16:50 The Role and Mission of Government in Cyber security panel discussion
Moderator: Ivan Makatura I IBM Security ServicesPanelists: Rastislav Janota I National Unit SK-CERT Laurent Weber I Governmental CERT of Luxembourg Viktor Paggio I NUKIB
Hit me baby one more time- story of an ordinary spamtrap
Boris Mutina I Excello
16:50 - 17:05 Life is a breach – what’s next? Closing Keynote
Peter Beres I SophistIT
17:05 - 17:15 Closing remarks
DAY 110 APRIL DAY 2
11 APRIL
9
ww
w.q
ub
itconferen
ce.com |
Qu
Bit C
onferen
ce PRA
GU
E 2019
9 Page No
TRACK A TRACK B
8:30 - 8:50 Registration
8:50 - 9:00 House Keeping Notes from Organizer
9:00 - 9:30 Ghost Hunting Opening Keynote
Peter J. Ahearn Jr. I FBI
9:30 - 10:15 From the Lab to Nmap: How the OSSTMM cut the distance between Science and Cyber SecurityRem Elnahas I Security Solutions Consultants
Friend or foe?Peter Kosinar I ESET
10:15 - 11:00 Using Big Data technologies to improve SIEM scalabilityGabriela Aumayr & Josef Niedermeier I HPE
The Cyber Forensics Lab Evidence Review: Cryptocurrency 80 Million Hack and SamSam Ransomware Ring Case study
Ondrej Krehel & Jean Gobin I LIFARS
11:00 - 11:20 Coffee Break11:20 - 11:50 Mobile Health applications and privacy
Zuzana Cich Hecko I Allen & Overy
Securing the virtualized world
Jan Marek I KPCS
11:50 - 12:20 CISO role in Enterprise panel discussion
Moderator: Peter Beres I SophistITPanelists: Charles Tango I ALTRIA, Ondrej Bona I Slovenska sporitelna, Petr Chlumsky I ALZA, Pavol Dovicovic I EMM
12:20 - 13:20 Lunch13:20 - 13:50 CISO and DPO–allies or enemies?
A story on combining cybersecurity and data-protection in the evolving threat landscape Mauriche Kroos I Enexis Group
DEMONSTRATION ATTACK ON BLOCKCHAINTomas Zatko I Citadelo
13:50 - 14:20 Chaos vs. Complexity: The GDPR’s impact on data protection norms around the world
Eduard Goodman I CyberScout
Cybersecurity and Blockchains - Are blockchains secure? Maximizing the potential of blockchains and Emerging Tech
Adewale O Omoniyi I IBM
14:20 - 14:35 Coffee Break14:35 - 15:05 Breaking the silence - cyber insurance
Rozalie Ryclova I BoxtrapSecurity Intelligence - Security AutomationRoman Cupka I Flowmon Networks
15:05 - 15:50 Women in Technology, Privacy, Risk and Cyber panel discussion
Moderator: Ondrej Krehel I LIFARS Panelists: Jenny Boneva I ISACA Sofia, Linda Thielova I OneTrust, Alexandra Dorcakova I T-Systems
Katarina Rolna I Tatra banka, Marianna Belyavskiy I CIT Bank, Eva Skornickova I Data Privacy and Cybersecurity Advisor
15:50 - 16:00 RAFFLE & Closing speech
DAY 211 APRIL
10
Qu
Bit
Con
fere
nce
PR
AG
UE
2019
| w
ww
.qu
bit
con
fere
nce
.com
Page No
B-CRIX, THE BUSINESS CYBER RESILIENCE INDEXAUXILIARY CONFERENCE PROGRAM
THE BUSINESSES AND THEIR ABILITY TO REACT TO CRITICAL CYBER CHALLENGES, OR WHERE IS MY BUSINESS.
ROUND TABLE DISCUSSION DATE: 11:20 - 12:45 | APRIL 11, 2019
To whom it may concern: Security Vendor Leaders, Sales teams, Architects and Solution specialists
What CEOs think about cyber stuffHow to bring attentionTo make a business, easy to understand is key
CHAIRMAN OF THE PROGRAM:Igor Senkarcin I Cyber STRING
Agenda to discuss:• The Cyber Readiness Indexes – why it is important for my business• Many methodologies, many purposes, many results• From stomach feeling to market demand generation project• How to engage / where to focus – the early bird benefits
The Round Table opens the debate, where to point the attention and how to link the real business experience to the project concept, to make the index really working.
The all comments and suggestions addressed by attendees will promote the early project opening and helps to set up the core project partnerships.
12
Qu
Bit
Con
fere
nce
PR
AG
UE
2019
| w
ww
.qu
bit
con
fere
nce
.com
Page No
CISO ROUND TABLEAUXILIARY CONFERENCE PROGRAM 15:15 - 16:45 | APRIL 10, 2019
ROLE OF THE CISO OF NOWADAYS, CLOUD AND DATA SHARING, CISO TRENDS, ARTIFICIAL INTELLIGENCE, ePRIVACY AND MORE
Chair of the program - Marek Zeman I CISO, Tatra banka
MANDATORY AUDIENCE: CISO, acting CISO, CTO, CSO and all CISO enthusiasts
0. Introduction1. How has day to day business changed from last year? 2. How do you perceive the role of the CISO, is it the one who hinders business? Can you imagine CISO as a business enabler?3. Over the past few years, CISO has been cooperating with DPOs in individual companies, to what extent have you managed to work together and how are responsibilities shared in your business?4. The cloud theme is currently being launched. How do you perceive the cloud? Is it a danger or is it safe and what about cloud security?5. The above question also highlights the problem of sharing data between companies and data storage in Cloud Data lakes, which is preferred in parent companies. What is the view of security experts on this type of business solution?6. What are the future trends from your perspective for CISO?7. The popular theme is Artificial Intelligence. Is it possible to set up security for this type of problem? How do we know that AI does not program itself and do not do the wrong thing?8. A popular legal threat is ePRIVACY? how do you prepare for this legislation? What do you think? Will the access to client data protection change?9. END
13
ww
w.q
ub
itconferen
ce.com | Q
uB
it Con
ference PR
AG
UE 2019
13 Page No
NETWORKING DINNER10 April, 2019
VIP RECEPTION9 April, 2019
NETWORKING EVENTS
Sponsored by
Supporting partners:
Media partners:
Diamond Sponsor: Platinum Sponsor:
Sponsored by:
C CY B E RS T R I N GI
S
Silver Sponsors: Sponsors: