PRAGUE 2019 QUBIT CONFERENCE - PROGRAM GUIDE

Page created by Miguel Rose
 
CONTINUE READING
PRAGUE 2019 QUBIT CONFERENCE - PROGRAM GUIDE
Universe of Cyber Security

                                             PROGRAM GUIDE

                                                                   www.qubitconference.com | QuBit Conference PRAGUE 2019

QuBit Conference
PRAGUE 2019
APRIL 10 - 11 2019 | HOTEL INTERNATIONAL PRAGUE

                                                     1   Page No
PRAGUE 2019 QUBIT CONFERENCE - PROGRAM GUIDE
MEET THE
                                                            SPEAKING BUREAU
                                                            of QuBit Conference Prague 2019
                                                            Every year, QuBit Speaking Bureau handles the most important part - to find and put
                                                            together an impressive list of speakers and topics.

                                                                                       RICHARD KISKOVAC
                                                                                       Head of Speaking Bureau, Independent
                                                                                       Cyber Security Consultant

                                                                                       Slovakia

                                                                                       IVAN MAKATURA
                                                                                       Executive consultant, IBM Security Services,
                                                                                       Chairman of Cybersecurity Association

                                                                                       Slovakia

                                                                                       PETR KUNSTAT
QuBit Conference PRAGUE 2019 | www.qubitconference.com

                                                                                       IT Security Consultant at Micro Focus

                                                                                       Czech Republic

                                                                                       VACLAV MACH
                                                                                       CEO of Czech Publishers’ Association
                                                                                       Czech Republic

                                                         Page No   2
PRAGUE 2019 QUBIT CONFERENCE - PROGRAM GUIDE
PRE-CONFERENCE
TRAININGS
                                            ANDROID REVERSE ENGINEERING
                                            9 APRIL 2019 | PRAGUE
                                            Smartphones and mobile devices are the essential part of our
                                            life nowadays. Even the attackers and criminals have realized
                                            that and they are targeted these platforms more often. While
                                            the principles of analysing and preventing this kind of malicious
                                            activities remain similar, the technologies, tools and possibilities
                                            of malware can differ.

                                            This training covers fundamentals of the reverse engineering
                                            of the mobile applications for Android platform. We aims to
                                            decompiling and understanding the mobile apps written in Java
                                            and also the native code in shared objects, especially for ARM
                                            architecture.

                                            We will introduce a little bit theory about development and
                                            components of the Android applications and ARM assembly.
                                            During training, the participants will see the tools suitable
                                            for behavioral analysis and instrumentaion of the suspicious
                                            samples, reverse engineering the Java apps and native code. We
                                            will spent a lot of time by practical hands- on with analysing the
                                            prepared CTF application utilizing various principles using by the
                                            real malware samples.

PREREQUISITES:
                                            After this training, participants should be able to understand
The participants should:                    the design of the Android apps including the native libraries.
l   Be familiar with Linux command-line     They also sould be able to read the ARM assembly and reverse
                                            engineering the mobile apps from APK sample to Java code and/
l   Be able to create simple programs                                                                                 www.qubitconference.com | QuBit Conference PRAGUE 2019
                                            or ARM assembly services
    (variables, conditions, for-cycles,
    functions) at least in one scripting
    language, e.g. Python
                                            Duration: 8 hours including lunch break and two
l   Have a little bit experience
                                            15-minutes coffee breaks
    with X86 assembly
                                            Number of attendees: Up to 20 attendees
l   Linux laptop with at least 8GB of
    RAM, 20 GB of free space on HDD/        TRAINER: Ladislav Baco & Jan Kotrady
    SSD and installed VirtualBox                     Security Analyst, CSIRT.SK
    (64-bit edition)

TARGET AUDIENCE:

l Malware analysts, security specialists,
incident handlers, software developers
and enthusiasts with technical skills

                                                                                                       3    Page No
PRAGUE 2019 QUBIT CONFERENCE - PROGRAM GUIDE
INFORMATION SECURITY RISK MANAGEMENT WORKSHOP
                                                          9 APRIL 2019 | PRAGUE

                                                          In this course students will learn the practical skills necessary to perform regular risk assessments
                                                          for their organizations. The ability to perform risk management is crucial for organizations hoping to
                                                          defend their systems. There are simply too many threats, too many potential vulnerabilities that could
                                                          exist, and simply not enough resources to create an impregnable security infrastructure. Therefore,
                                                          every organization, whether they do so in an organized manner or not, will make priority decision on
                                                          how best to defend their valuable data assets. Risk management should be the foundational tool used
                                                          to facilitate thoughtful and purposeful defence strategies.

                                                             TARGET AUDIENCE:                                 Duration: 8 hours
                                                                                                              Number of attendees: Up to 20 attendees
                                                             l   Security specialists, security architects,
                                                                 security engineers, compliance directors,    TRAINER: Ivan Makatura
                                                                 manager                                                 Executive Consultant at IBM Security
                                                                                                                         Chairman of the Board, Association
                                                             l   Data protection officers                                of Cybersecurity
QuBit Conference PRAGUE 2019 | www.qubitconference.com

                                                             l   Operational Risk management
                                                                                                              PREREQUISITES:
                                                             l   Compliance managers                          A basic understanding of information security and
                                                                                                              information security management topics is helpful
                                                             l   Information assurance management             for students attending this class. However a strong
                                                                                                              background in any of these skills is not a pre-requisite
                                                                                                              for the class. In the class students will be taught a step
                                                             l   Staff responsible for IT Service             by step approach for performing a risk assessment
                                                                 Management processes                         regardless of their technical information security or
                                                                                                              management background.

                                                         Page No     4
PRAGUE 2019 QUBIT CONFERENCE - PROGRAM GUIDE
SECURITY INFORMATION
                                                   & EVENT MANAGEMENT (SIEM)
                                                   9 APRIL 2019 | PRAGUE

                                                   Security operations nowadays, do not suffer from a “Big
                                                   Data” problem but rather a “Data Analysis” problem.
                                                   Monitoring tools became an inevitable part of the IT world.
                                                   Those, who do not use automatic tools for evaluating
                                                   events and incidents, can’t expect and guarantee adequate
                                                   level of security. Let’s face it, there are multiple ways to
                                                   store, process and analyze large amounts of data without
                                                   any real emphasis on gaining insight into the information
                                                   collected.

                                                   Training     provides   holistic   approach    to    security
                                                   management. We aim to provide in – depth insight into
                                                   SIEM technology.

All participants stand to gain valuable insights:
l   In-depth knowledge of what SIEM technology is and how to implement, configure
    and fine-tune SIEM technology

l   Solid understanding of how to use SIEM capabilities for business intelligence

l   Hands-on experience with how to deploy SIEM technologies (various log types analysis,
    how to process unknown logs, regex practice, incident investigation a analysis, rules creation,..)

l   Insight into how to monitor, identify, document and respond to security threats
    and reduce false-positive alerts

                                                                                                                         www.qubitconference.com | QuBit Conference PRAGUE 2019
l   Thorough understanding of compliance reporting and documentation

TARGET AUDIENCE:                                                     Duration: 8 hours including lunch break
                                                                     and two 15-minutes coffee breaks
l   Security specialists, security architects, security engineers,
    compliance directors, manager                                    Number of attendees: Up to 20 attendees

                                                                     TRAINER: Pavol Dovicovic  
l   Data protection officers
                                                                               Head of Information Security
l   Operational Risk management                                                and Infrastructure, EMM

l   Compliance managers                                              PREREQUISITES:
                                                                     Notebook with Windows or Linux,
l   Information assurance management                                 at least 8 GB of RAM
l   Staff responsible for IT Service Management processes

                                                                                                         5     Page No
PRAGUE 2019 QUBIT CONFERENCE - PROGRAM GUIDE
SOLUTION CENTER
                                                            CYBER LAB DEMONSTRATIONS:
                                                            DIFFERENT APPROACHES TO EVERYDAY SECURITY CHALLENGES

                                                            APRIL 10-11, 2019 | QUBIT CONFERENCE ADD-IN EVENT
                                                            Our Solution Center partners present demonstrations and their original
                                                            know-how on specific issues you are facing on a daily basis.

                                                            INTRODUCING SPONSORS AND THEIR SOLUTIONS

                                                                                                                                   Network Visibility, Security & Analytics in practice.
                                                                                                                                   In Solution Center will be able to see, among other
                                                                                                                                   things, various case studies focused on: 1. Encrypted
                                                                                                                                   Traffic Alalyses for Cryptographic Assessment &
                                                                                                                                   Management 2. Early Detection of Cryptojacking
                                                                                                                                   3. End-to-end monitoring of public cloud / cloud
                                                                                                                                   applications 4. Flowmon IDS 5. Early detection of
                                                                                                                                   threats regarding NISD & GDPR ...
                                                                                                                                   And many others.”

                                                                                                                                   Our pioneering Security Operating Platform
                                                                                                                                   emboldens our customers’ digital transformation
                                                                                                                                   with continuous innovation that seizes the latest
                                                                                                                                   breakthroughs in security, automation, and analytics.
                                                                                                                                   By delivering a true platform and empowering a
                                                                                                                                   growing ecosystem of change-makers like us, we
                                                                                                                                   provide highly effective and innovative cybersecurity
                                                                                                                                   across clouds, networks, and mobile devices. We are
                                                                                                                                   present in Eastern Europe since 2014 with native
                                                                                                                                   sales, marketing, services and support teams.

                                                                                                                                   Excalibur utilizes the mobile phone to act as a secure
                                                                                                                                   hardware token for any and all authentication and
                                                                                                                                   authorization needs inside of the enterprise. The
                                                                                                                                   ultimate goal is to move all forms of authentication
QuBit Conference PRAGUE 2019 | www.qubitconference.com

                                                                                                                                   and authorization away from passwords, replace
                                                                                                                                   them seamlessly with smartphone-based strong but
                                                                                                                                   user-friendly multi-factor authentication. Excalibur
                                                                                                                                   unique value is in providing backward compatibility
                                                                                                                                   with all the applications, Operating Systems (OS)
                                                                                                                                   and services the enterprise uses today thus creating
                                                                                                                                   a bridge between the password-based present day
                                                                                                                                   and password-free future.

                                                                   SCHEDULE
                                                                        April 10:                                                               April 11:

                                                                                10:00 - 10:30   LIGHTNING TALKS Solution Center Opening
                                                                                                                                                  9:30 - 15:00   DEMO CORNER presentations

                                                                                10:30 - 17:00   DEMO CORNER presentations

                                                         Page No    6
PRAGUE 2019 QUBIT CONFERENCE - PROGRAM GUIDE
A Y 1I L
                                                             D PR     A
                                                               10
                                                                                              TRACK A                                                       TRACK B

                                                            9:00 - 9:10
                                                                                                                        Conference Opening
                                                                                                   Maria Kalicakova I QuBit Security | Zdenek Hrib I Mayor of Prague

                                                            9:10 - 10:00               Case study: Nation State Attack APT10 – Operation Cloud Hopper Opening Keynote
                                                                                                                      Ondrej Krehel & Jean Gobin I LIFARS

                                                            10:00 - 10:30                                   Solution center Opening - Lightning talks
                                                            10:30 - 11:15   Cryptocurrencies: 10 years later                               PROJECT “TIERCEL”
                                                            10:30 - 10:40                                                                  Viktor Paggio I NUKIB
                                                                            Jarek Jakubcek I Europol
                                                            10:40 - 11:15
                                                                                                                                           Big Data in the service of Czech GovCERT
                                                                                                                                           Ladislav Straka I SANDS

                                                            11:15 - 11:30                                                         Coffee Break

                                                            11:30 - 12:15   Defensive deception - a hole as                                How to Test Artificial Intelligence?
                                                                            a security control                                             Can artificial intelligence cheat us?
                                                                            Alex Lozikoff I Softprom                                        Marek Zeman & Peter Kopriva I Tatra banka

                                                            12:15 - 13:00   We Pass the Costs to You! An analysis of                       Machine learning on the field
                                                                            Cryptomining and Cryptojacking                                 of Threat Hunting
                                                                            Josh Pyorre I CISCO                                            Gergo Gyebnar I Black Cell

                                                            13:00 - 14:00                                                            Lunch
                                                            14:00 - 14:20                                      Securing Online Transactions on the Edge
                                                                                                                            Chris Adam I Cloudflare
                                                            14:20 - 14:50                                                          FIRE CHAT
                                                                                                                   JOHN FRANCHI I former U.S. GOVERNMENT

                                                            14:50 - 15:20                                       Future of security technologies panel discussion
                                                                                                                       Moderator: Josh Pyorre I CISCO
                                                                                                         Panelists: Michal Drozd I GREYCORTEX, Pavol Dovicovic I EMM

                                                            15:20 - 15:35   Evil Qubits - The Threat of Quantum                            Don’t Acquire Your Next Breach:
                                                                            Cryptanalysis Explained                                        Managing the Vendor Risk Lifecycle
                                                                            Tomas Rosa I Raiffeisen BANK                                    Linda Thielova I OneTrust
QuBit Conference PRAGUE 2019 | www.qubitconference.com

                                                            15:35 - 15:50                                                         Coffee Break
                                                            15:50 - 16:20   Cybercriminal’s mind                                           The Good, the Bad and the Ugly
                                                                            - The anatomy of a targeted attack                             of Millions of Security Alerts
                                                                            Jiri Vanek I Unicorn                                           Nadav Avital I IMPERVA

                                                            16:20 - 16:50   The Role and Mission of Government in Cyber                    Hit me baby one more time
                                                                            security panel discussion                                      - story of an ordinary spamtrap
                                                                            Moderator: Ivan Makatura I IBM Security Services               Boris Mutina I Excello
                                                                            Panelists: Rastislav Janota I National Unit SK-CERT
                                                                            Laurent Weber I Governmental CERT of Luxembourg
                                                                            Viktor Paggio I NUKIB

                                                            16:50 - 17:05                                         Life is a breach – what’s next? Closing Keynote
                                                                                                                             Peter Beres I SophistIT

                                                            17:05 - 17:15                                                    Closing remarks

                                                         Page No      8
PRAGUE 2019 QUBIT CONFERENCE - PROGRAM GUIDE
Y 2
 D    A IL
     1 APR
   1
                                TRACK A                                                      TRACK B

8:30 - 8:50                                                       Registration

8:50 - 9:00                                       House Keeping Notes from Organizer

9:00 - 9:30                                                  Ghost Hunting Opening Keynote
                                                               Peter J. Ahearn Jr. I FBI
9:30 - 10:15    From the Lab to Nmap: How the OSSTMM                         Friend or foe?
                cut the distance between Science                             Peter Kosinar I ESET
                and Cyber Security
                Rem Elnahas I Security Solutions Consultants
10:15 - 11:00   Using Big Data technologies                                  The Cyber Forensics Lab Evidence Review:
                to improve SIEM scalability                                  Cryptocurrency 80 Million Hack and SamSam
                                                                             Ransomware Ring Case study
                Gabriela Aumayr & Josef Niedermeier I HPE
                                                                             Ondrej Krehel & Jean Gobin I LIFARS
11:00 - 11:20                                                     Coffee Break
11:20 - 11:50   Mobile Health applications and privacy                       Securing the virtualized world
                Zuzana Cich Hecko I Allen & Overy                            Jan Marek I KPCS

11:50 - 12:20                                          CISO role in Enterprise panel discussion
                                                         Moderator: Peter Beres I SophistIT
                  Panelists: Charles Tango I ALTRIA, Ondrej Bona I Slovenska sporitelna, Petr Chlumsky I ALZA, Pavol Dovicovic I EMM

12:20 - 13:20                                                          Lunch
13:20 - 13:50   CISO and DPO–allies or enemies?                          DEMONSTRATION
                A story on combining cybersecurity and data-             ATTACK ON BLOCKCHAIN
                protection in the evolving threat landscape              Tomas Zatko I Citadelo
                Mauriche Kroos I Enexis Group
13:50 - 14:20   Chaos vs. Complexity: The GDPR’s                         Cybersecurity and Blockchains - Are blockchains secure?
                impact on data protection norms                          Maximizing the potential of blockchains and Emerging Tech
                around the world
                Eduard Goodman I CyberScout                              Adewale O Omoniyi I IBM
14:20 - 14:35                                                     Coffee Break                                                               www.qubitconference.com | QuBit Conference PRAGUE 2019
14:35 - 15:05   Breaking the silence - cyber insurance                   Security Intelligence - Security Automation
                Rozalie Ryclova I Boxtrap                                Roman Cupka I Flowmon Networks
15:05 - 15:50                            Women in Technology, Privacy, Risk and Cyber panel discussion
                                                         Moderator: Ondrej Krehel I LIFARS
                          Panelists: Jenny Boneva I ISACA Sofia, Linda Thielova I OneTrust, Alexandra Dorcakova I T-Systems
                Katarina Rolna I Tatra banka, Marianna Belyavskiy I CIT Bank, Eva Skornickova I Data Privacy and Cybersecurity Advisor

15:50 - 16:00                                             RAFFLE & Closing speech

                                                                                                                             9    Page No
B-CRIX, THE BUSINESS
                                                           CYBER RESILIENCE INDEX
                                                           AUXILIARY CONFERENCE PROGRAM
                                                           THE BUSINESSES AND THEIR ABILITY TO REACT TO CRITICAL
                                                           CYBER CHALLENGES, OR WHERE IS MY BUSINESS.

                                                           ROUND TABLE DISCUSSION DATE: 11:20 - 12:45 | APRIL 11, 2019

                                                           To whom it may concern:
                                                           Security Vendor Leaders, Sales teams, Architects and Solution specialists

                                                           What CEOs think about cyber stuff
                                                           How to bring attention
                                                           To make a business, easy to understand is key

                                                           CHAIRMAN OF THE PROGRAM:
                                                           Igor Senkarcin I Cyber STRING
QuBit Conference PRAGUE 2019 | www.qubitconference.com

                                                                   Agenda to discuss:
                                                                   • The Cyber Readiness Indexes – why it is important for my business
                                                                   • Many methodologies, many purposes, many results
                                                                   • From stomach feeling to market demand generation project
                                                                   • How to engage / where to focus – the early bird benefits

                                                            The Round Table opens the debate, where to point the attention and how to link the real business
                                                            experience to the project concept, to make the index really working.

                                                            The all comments and suggestions addressed by attendees will promote the early project opening
                                                            and helps to set up the core project partnerships.

                                                         Page No     10
CISO ROUND TABLE
                                                          AUXILIARY CONFERENCE PROGRAM

                                                          15:15 - 16:45 | APRIL 10, 2019

                                                          ROLE OF THE CISO OF NOWADAYS, CLOUD AND DATA
                                                          SHARING, CISO TRENDS, ARTIFICIAL INTELLIGENCE,
                                                          ePRIVACY AND MORE
                                                          Chair of the program - Marek Zeman I CISO, Tatra banka

                                                          MANDATORY AUDIENCE:
                                                          CISO, acting CISO, CTO, CSO and all CISO enthusiasts
                                                          0. Introduction
                                                          1. How has day to day business changed from last year?
                                                          2. How do you perceive the role of the CISO, is it the one who hinders business? Can you imagine CISO as a business enabler?
                                                          3. Over the past few years, CISO has been cooperating with DPOs in individual companies, to what extent have you managed to
                                                             work together and how are responsibilities shared in your business?
                                                          4. The cloud theme is currently being launched. How do you perceive the cloud? Is it a danger or is it safe and what about
                                                             cloud security?
                                                          5. The above question also highlights the problem of sharing data between companies and data storage in Cloud Data lakes,
                                                             which is preferred in parent companies. What is the view of security experts on this type of business solution?
                                                          6. What are the future trends from your perspective for CISO?
                                                          7. The popular theme is Artificial Intelligence. Is it possible to set up security for this type of problem? How do we know that AI
                                                             does not program itself and do not do the wrong thing?
                                                          8. A popular legal threat is ePRIVACY? how do you prepare for this legislation? What do you think? Will the access to client data
                                                             protection change?
                                                          9. END
QuBit Conference PRAGUE 2019 | www.qubitconference.com

                                                         Page No   12
NETWORKING EVENTS
VIP RECEPTION
9 April, 2019

NETWORKING DINNER
10 April, 2019

Sponsored by
                                                                                                            www.qubitconference.com | QuBit Conference PRAGUE 2019
Sponsored by:

                          Diamond Sponsor:              Platinum Sponsor:

                 Silver Sponsors:                           Sponsors:

                                     Supporting partners:

                                                                            C Y B E R   C
                                                                                        S

                                                                            S T R I IN G

                                      Media partners:

                                                                                            3
                                                                                            131   Page No
You can also read