Agenda
08:00 - 08:50 |
Registration and Networking Break |
08:50 - 09:00 |
Chairman's Welcome |
09:00 - 09:20 |
► Feeling secure or being secure? That is the question Philipp Grabher, CISO, Canton Zurich
|
09:20 - 09:40 |
► The New Cyber Threat Landscape Switzerland Sammie Walden, Banking Expert DACH, Cloudflare
|
09:40 - 10:00 |
► What is the key to successfully engage on cybersecurity with executive and supervisory boards? Marcel Zumbühl, CISO, Swiss Post
|
10:00 - 10:40 |
► Education Seminar Session 1 Delegates will be able to choose from the following education seminars:
|
10:40 - 11:10 |
Networking Break |
11:10 - 11:40 |
► CISO Panel Discussion Juan Carlos Lopez Ruggiero, CISO, Bouygues Energies & Services, (Moderator);
|
11:40 - 12:00 |
► Generative AI: What will change with the rise of GPT in Cybersecurity? Theus Hossmann, Director of Data Science, Ontinue & Nevena Lazarevic, Security Technology Specialist, Microsoft
|
12:00 - 12:20 |
► Break The Attack Chain: Strengthening defences and safeguarding people and data Tom Kretzschmar, PreSales Engineer, Proofpoint
|
12:20 - 13:00 |
► Education Seminar Session 2 Delegates will be able to choose from the following education seminars:
|
13:00 - 14:00 |
Lunch and Networking Break |
14:00 - 14:20 |
► Shaping the future of Cyber TPRM by unlocking the potential of Automation & Digitalisation – Lessons Learned & Best Practices, Case Study Monika Atanasova, Global Head of Cyber TPRM, Raiffeisen Group - Switzerland
|
14:20 - 14:40 |
► Human-Machine Teaming - AI in Cybersecurity: Why the human element will always be indispensable in Cybersecurity Thomas Wüst, Sales Lead Switzerland, SentinelOne
|
16:10 - 16:30 |
► Bypassing Multi-Factor Authentication (MFA) via Phishing Techniques Raj Sandhu, Ethical Hacker, Contracted to World Health Organisation;
|
15:00 - 15:40 |
► Education Seminar Session 3 Delegates will be able to choose from the following education seminars:
|
15:40 - 16:10 |
Networking Break |
16:10 - 16:40 |
► Panel: Crypto CISOs Open Questions Jeff Schiemann, CISO, SEBA Bank AG (Moderator);
|
16:40 - 16:50 |
Chairman's Closing Remarks |
16:50 |
Conference Close |
Education seminars
Understanding the cloud-native threat landscape
Paolo Passeri, Principal Sales Engineer and Cyber Intelligence Specialist, Netskope
The consolidated adoption of cloud services and the distribution of the workforce have led to a new paradigm in the threat landscape. Threat actors are capitalizing on the fact that users access their data from any location and any device, even the personal ones, and also on the fact that they have progressively replaced human interactions with digital interactions. The attackers are launching evasive campaign that exploit the trust on cloud services and collaboration tools, but they are also dusting off more traditional techniques such as sophisticated social engineering and SEO poisoning campaigns that exploit the unconditional trust on search engines and online tools in general.
Join this session to:
- Understand what are cloud-native threats and why they are more evasive than traditional web-based threats.
- Understand the most common attack techniques.
- Gain a comprehensive view of the current threat landscape.
- Learn how to mitigate the risks with a security culture and a cloud-delivered security model.
Importance of Zero Trust Security in Kubernetes environments
Holger Moenius, NeuVector Sales Executive DACH, Benelux, Nordics & South, SUSE & Dieter Reuter, Solutions Engineer, NeuVector - SUSE
Deep network visibility is the most critical part of run-time container security. In traditional perimeter-based security, administrators deploy firewalls to quarantine or block attacks before they reach the workload. Inspecting container network traffic reveals how an application communicates with other applications and it’s the only place that can stop attacks before they reach the application or workload. SUSE NeuVector is the only 100 percent open source Zero Trust container security platform with continuous audits throughout the full lifecycle.
- Perform Deep Packet Inspection (DPI)
- Real-time protection with the industry’s only Container Firewall
- Monitor ‘East-west’ and ‘North-south’ container traffic
- Capture Packets for Debugging and Threat Investigation
Unspoken words with immense criminal potential
Joël Giger, Intelligence Consultant, Recorded Future
The recent boom in Artificial Intelligence capability has led to the creation of beautiful art and writing of essays within seconds, but threat actors have not stood idly by. In this session, you will learn about:
- The rise of Voice-Cloning-as-a-Service offerings, a new form of commodified cybercrime
- Current use cases, future potential and possible impact for your organisation
- Not all is lost - old mitigation techniques work against new threats, at least for now.
Know, Protect and Control your Data
Jasbir Singh, Partner and Managing Director Europe, Seclore Technologies
In the fast-paced digital age, safeguarding digital assets has become more crucial than ever. This Education seminar delves into the key topics essential for effective data protection. Jasbir Singh introduces an approach that revolves around understanding the data landscape within an organisation: The key to establishing a robust security framework and compliance includes to set labels to the documents, track and visualise the usage but always to protect & control confidential information.
By understanding the value of data, classifying it, and implementing usage controls based on classification labels, organisations can stay one step ahead of cyber threats and safeguard their digital assets effectively. A safeguard that goes beyond the security perimeter of an organisation, allowing usage control updates and even remote revocation of shared data at any time. The seminar will also outline why classification can act as a first layer of security and the importance of dynamic watermarks to deter or detect data leakage.
In this session, you will learn:
- Why we need data-centric security in today’s landscape
- How to Know, Protect and Control sensitive information
- Example: An integration of data-centric security into the M365 landscape
Nowhere to hide – Key Insights into Adversary Tradecraft 2023
Philipp Wachinger, Sales Engineer, CrowdStrike
Your ability to defeat advanced cyber threats rests almost entirely on your understanding of the problem. And the problem isn’t malware – it’s the adversaries. While technologies and security products organisations rely on are evolving, they struggle to keep up with the alarming pace at which adversary tooling and tradecraft is evolved. In all incidents observed by CrowdStrike’s specialist teams, adversaries looked for ways to broaden their reach, optimise their tradecraft and deepen their impact on targets. To gain access, the intrusion attempts often started with an identity compromise or the exploitation of vulnerable software. In addition, adversaries have been quick to learn how to take advantage of common misconfigurations in public cloud services. To stop these adversaries, it is imperative that security teams understand how they operate.
- Get a frontline snapshot of the current threat landscape, threat actors and their victims.
- Learn about the latest trends in adversary operations and tradecraft
- Understand why the human factor is more relevant than ever before
- Explore the 5 key steps to stay ahead of the threat actor
The Future of Security Operations
Rasham Rastegarpour, ReliaQuest
Security operations are changing rapidly and require a more holistic approach to security. Streamlining threat detection, investigation, and response is a good start in managing risk, but also important are utilising threat intelligence and digital risk protection, reviewing suspect employee-submitted emails via the abuse mailbox, and measuring your program to communicate better with your stakeholders and service providers. Additionally, security operations will become more streamlined, with the automation of routine tasks and incident-response procedures becoming the norm. This session will help organisations achieve efficient and effective detection and response to security incidents.
Five benefits for delegates attending the session:
- How a security operations platform helps proactively detect and mitigate cybersecurity risks and support future changes in your business
- The benefits of complete visibility across cloud, on-premises, and endpoint environments to mitigate security risks and enable rapid remediation
- How automation at key junctures can streamline security operations, speed resolution, and reduce the risk of human error
- The need for a more collaborative approach between providers and enterprises that avoids a “black box” method and provides measurable improvements in security operations
- How integration with existing security toolsets enables organisations to extract more value out of existing investments while streamlining security response