Next Generation Threats Stockholm

Frukostseminarium med Detectify: I huvudet på en white-hat hacker

Frukostseminarium med Junglemap: Informationssäkerhet i ett modernt, digitalt ekosystem och vad du måste förhålla dig till

En föreläsning om informationssäkerhet i moderna digitala ekosystem där fokus ligger på nya behov; beteende, kultur och relevant teknik. Många som idag lägger upp en strategi avseende sitt IT säkerhets- och informationssäkerhetsarbete missar en mer holistisk förhållning till dagens och framtidens behov. Denna föreläsning reder ut begreppen att tänka på och varför de är viktiga.

Robert Willborg, informationssäkerhetsexpert, Junglemap

Observera: Frukostseminariet kräver separat (kostnadsfri) föranmälan. Mer information kommer närmare eventet.

Välkommen till Next Generation Threats i Stockholm 2018

Moderator Magnus Aschan hälsar dig välkommen. Vilken spännande dag det kommer att bli!

Opening keynote: Jamie Woodruff – Europe's No1 ethical hacker

Jamie Woodruff talks about the importance of system and network security and is known for disclosing world-wide exploits and vulnerabilities within leading security applications such as Facebook, YouTube, Twitter, Apple and Google. He finds existing exploits by infiltrating the companies in question.

Woodruff entered the public eye when he successfully hacked Facebook as part of a student competition at Bangor University where he was studying computer information systems. He has since uncovered security holes in numerous high-profile operations, including Kim Kardashian’s website, which he hacked to reveal that it was putting her fans’ data at serious risk.

Jamie Woodruff, Europe's No1 ethical hacker

Cyber Security Exposed: Think Beyond (NextGen AI and Other Models)

This talk will focus on a major US breach, and three new hacks – network to server; drive by; and phishing. We will then explore how to implement modern best practices from the Executive Level to the Edge in today's complex enterprise environments.

Under the Hood – The Automotive Challenge

In an average 5-year old car, there are about 30 different computers on board. In an average new car there’s double than that, and in some cases – up to a 100. That’s a network the size of what a SMB would have, only there’s no CIO/CISO, and not even a part-time IT guy. We have no idea what’s going on under the hood. To add to the complexity, there are between 2 and 5 different bus types in a modern car. With different protocols and even different wiring, a modern car’s network diagram is a CISO’s nightmare.

There are many challenges in the automotive domain. From strict development regulations, through very long development cycles, to very little security by design in vehicles currently on the road - working in this domain is challenging, to say the least.  But unlike almost anywhere else, this time the defense might actually have a standing chance.

In this talk, we will share our experience in the automotive domain. We will explain the complexity of the playing field, share examples of the problems we’ve encountered, and talk about the challenges involved.

Inbar Raz, Security Architect at Argus Cyber Security

Keynote Partner: The forgotten piece of endpoint security in your office

Security breaches involving compromised devices have more than doubled in the past six years and HP believes prevention is better than cure. Learn how using the world’s most secure and manageable PCs and Printers; the forgotten piece of endpoint security; can prevent data leaking from your network.

Howard Roberts, Senior Technologist, Europe, Middle East & Africa region, HP

The Wolf in Sheep's Clothing – Undressed

Despite the breach of both Hacking Team and FinFisher, the government malware industry remains a shady market. Due to the amount of secrecy involved, it becomes increasingly more complicated to follow the technologies utilized by these companies and their modus operandi. The lack of transparency can be beneficial when one works with government-related operations. However, it can also be of benefit to any profit-driven actor, who will notice the potential for easy income in such conditions of the market.

During our daily monitoring, we have managed to find a fake “Google Chrome Update” landing page, which we believe is used by Wolf Research in their spyware campaigns. The page was designed for infection of Windows, iOS and Android devices. Soon, we were surprised to find a publicly open control panel server. This open C&C has given us the opportunity to collect a variety of precious data: details about the malware, photos and audio recordings from the testing phones, victims’ data and a storage of database backups of the said control server. After analysis of the findings, we have figured out that this company appears to be reselling commercial spyware as a government espionage spyware.

Despite the surprisingly poor quality of company behind these products, we have seen them do business with serious companies of the legal malware market and even with a government-related institution. While oblivious of the state of their operational security, the company relies on simply making a good impression on potential customers.

This presentation will disclose some of the work and the achievements of a peculiar German company.

Peter Kruse, Head of CSIS eCrime Unit, CSIS security Group A/S

AI/ML/Data: Nästa generations AI-drivna phishingattacker

Inom de närmaste åren kommer AI att bli ett av de viktigaste verktygen för nätfiskeattacker och telefonbedrägerier. AI kommer att användas för att skapa texter och verklighetstrogna röster, för att med hög noggrannhet anpassa attackerna till utvalda företag eller enskilda individer och för att identifiera de offer som är mest mottagliga för en attack. Det här möjliggör nätfiske och bedrägerier på en helt ny skala.

Måns Thulin ger svar på de viktigaste frågorna inom ämnet: Hur kommer det att gå till? Vad blir konsekvenserna? Och vad kan vi göra för att förhindra eller försvåra elaksinnat användande av AI?

Måns Thulin, docent i statistik och konsult inom maskininlärning och dataanalys

Säker arkitektur: Modernize your Incident Response and Forensics for Cloud workloads

Performing forensics on AWS resources is a new experience for many customers. Your incident response team may have older runbooks based on on-premise workflows which can result in responders using manual steps, or perhaps having no processes in place at all. You want your current incident response (IR) runbooks to account for your AWS workloads ASAP, and eventually, you want cloud-based IR superpowers, too.

In this session, we cover the basics that you must get in place, runbook updates specific to AWS, and we show you how to build initial IR capabilities that blend well with existing processes and partner offerings. We also walk through a hypothetical IR scenario for an AWS environment that uses an evolved on-premises IR runbook that accounts for the differences of an AWS environment.

This session will include strategic decision-making guidance to help attendees better understand the deployment methodologies for forensics tools and automated evidence gathering workflows.

We will also discuss and show samplings of unique AWS platform capabilities for IR success. Go beyond updating your IR runbooks, and start your journey toward gaining cloud-based IR superpowers today!

Henrik Johansson, Principal - Office of the CISO, AWS Security at Amazon Web Services

Security management: Säker it – säkerhetskultur som ökar it-säkerheten

Vilken är den minst säkra delen av informationssäkerheten – it-systemen eller användarna som administrerar och använder it-systemen? Hur kan vi göra den ”mänskliga faktorn” säkrare när vi har härdat alla tekniska it-system och faktiskt öka den totala säkerhetsnivån? Det kallas säkerhetskultur och omfattar alla i organisationen, från högsta ledningen till alla medarbetare.

Hur har du planerat och budgeterat för utbildning, tid för samarbete och dialog? Hur vi på olika sätt aktivt och medvetet kan skapa bättre säkerhet ska Margaretha Eriksson prata om.

Margaretha Eriksson, expert på informationssäkerhet och GDPR, Acando Consulting AB

AI/ML/Data: There’s a criminal attack gap… And it fits the IoT

In 2018, CDC data shows ransomware attacks are stagnating, while cryptojacking attacks are taking their place. The attack type of choice for the rookie criminal, their volume is exploding. On the high end, criminals invest a lot of time in understanding your business, who your suppliers are, and who your VIPs are, in order to perform high value BEC. The criminal middle class is slowly disappearing, and as with the economy, this is not good news. In this talk, Eward Driehuis, Chief Research Officer at SecureLink, will do some light tealeaf reading, looking at missing puzzle pieces. What does this mean for the future, what’s the risk, and how can organizations prepare?

Eward Driehuis, Chief Research Officer, SecureLink

Säker arkitektur: AI New Cyber Battlefield

As the scale and complexity of cyber attacks grows faster than ever, new ways must be explored to fight back.

Using machines to perform tasks such as malware analysis and real-time anomaly detection means a faster time to protection, frees up analyst time for more advanced research, and marks a big step forward in the battle against cyber crime.

This session discusses how you can leverage machine learning and other artificial intelligence techniques to enhance and extend your existing detection methods.

Dennis Bergström, Systems Engineer, Fortinet

Security management: There is no inside: Why you need to move beyond perimeter based security

A number of digital transformation initiatives are forcing businesses to rethink their enterprise security architecture. With breaches on the rise, users increasingly mobile, and data and applications moving to the cloud, businesses have to consider whether traditional perimeter-based security approaches are even relevant. The enterprise security perimeter model doesn’t fit for today’s world. Whether you call it Zero Trust, CARTA or BeyondCorp, a secure model to access on-premise, Iaas & SaaS apps is the right approach for the future.

Christer Öhgren, Enterprise Security Leader – Nordic, Akamai, & Joakim Lindgren, Enterprise Solutions Engineer, Akamai

AI/ML/Dataanalys: Anfall vs. Försvar – en förlorad strid?

På det teoretiska planet vet vi inte med säkerhet idag om försvar mot en motståndares möjligheter att exploatera maskininlärning (ML) och att använda ML och AI är en förlorad strid, eller om en optimal strategi rentav kan ge försvararen ett övertag gentemot angriparen.

Janne Haldesten, specialist hos säkerhetsföretaget Sectyne, gör en exposé över var vi står idag utifrån den ML/AI-revolution som pågår, perspektiven mellan anfall och försvar, vad som händer där och samt hur detta påverkar – och kan komma att påverka – olika organisationer och vårt samhälle i stort.

Du får bland annat höra om:

- ML/AI-revolutionen

- En motståndares perspektiv

- Exploatering av maskininlärning

- Varför ML och AI är viktigt för cybersäkerhet

- Utmaningar och faror

- Framtidsspaning

Janne Haldesten, Principal specialist, Sectyne

Säker arkitektur: Collaborative Network Security – On Securing the Internet Routing

Even if organization’s network has the best perimeter defenses, it is still vulnerable to routing attacks. These attacks exploit the vulnerability in the routing infrastructure, especially a protocol called Border Gateway Protocol (BGP), which is the glue that holds the Internet together. Routing attacks can be further used to mount DoS, DDoS, spamming and many other common attacks. In this talk Rahul Hiran, Ericsson, will present how this is possible and the challenges in defending against such attacks. It is important that the security practitioners are aware of such attacks given the advent of 5G networks and IoT.

Rahul Hiran, system developer, Ericsson

Security management: How to ensure the secure way is the easiest way

Rules, tools, and regulations are an incredibly visible part of our industry.  With GDPR, an incredibly amount of focus has been put on what processes we need to live up to, or how we need to handle storage of personal data. Many a magic black box has promised that it will secure our systems, but what about the people? How do we ensure that our colleagues and users know how to act securely and responsibly? What can we do to ensure that the secure way is the easiest way to act? Siren Hofvander, CSO at Min Doktor, will share her best advice on this challenge.

Siren Hofvander, CSO, Min Doktor

AI/ML/Data: AI’s Role in Risk Reduction

 What’s the impact AI can have for reducing risk in our organizations, and why is it important for the future of IT Security?

Henrik Akerstrand, Regional Director Nordics, Cylance

Seeing the Attacker’s View: A People-Centric Approach to Security

It’s no secret that modern attackers have pivoted to targeting people, largely via simple phishing emails. A simple internet search can tell them all they need to know about who has access to the system or data they are targeting.

You likely know that email fraud, or BEC, is costing organizations billions of dollars. But do you know why these attacks continue to reach new levels of success?

Join this session to learn how you can identify your most attacked and riskiest users and design better strategies and protections to stop these attacks before they reach your employees, customers, and business partners.

Werner Thalmeier, Senior Director Systems Engineering EMEA, Proofpoint

Security management: Security through visibility: don't let you network being a blind spot

Building perimeter walls and relying on signature-based solutions is not enough anymore. Despite protected perimeter and end-points, the number of malware compromising internal systems, APTs and threats bypassing traditional security rises and changes the security landscape. Detailed visibility into the network traffic and network behavior analysis removes the blind spot and enables a proactive fight against cyber threats which can give control over the IT environment back to administrators.

Lubos Lunter, Product Manager, Flowmon Networks

AI/ML/Data: Så fungerar threathunting med AI/ML som verktyg

Hotaktörerna idag blir mer och mer avancerade. För att jämna ut oddsen och ha en chans att upptäcka främlingar i allt mer komplexa IT-miljöer blir artificiell intelligens, AI, och maskininlärning, ML, allt mer viktiga som verktyg. Lär dig hur du kan ta hjälp av AI och ML för att bli mer effektiv i jakten på avancerade hotaktörer.

Patrick Kall, Chief Cyber Security Architect, Telenor Group

Säker arkitektur:  Så ser du till att data i utvecklingsprojekt inte försvinner till konkurrenter

Företag och organisationer satsar stora resurser vid olika utvecklingsprojekt.Projekten bemannas med olika kompetenser som tillsammans ingår i projektgruppen.Ofta arbetar man med utvecklingsmiljöer separerade från företagets driftmiljö.Lagring av kritisk projektinformation sker med olika lösningar.

Michael Nylén, computer forensics project manager, berättar här om hur data kan stjälas i samband med utvecklingsprojekt och hamna hos konkurrenter. Han delar också med sig av tips på åtgärder för att minimera riskerna.

Michael Nylén, Computer Forensics project manager

Security management: The Underground Economy – Human Currency

The Underground Economy, how does it work? We know that hackers and cyber criminals are stealing information from us, but why are they doing this? How and Why are they converting stolen information to money. In this presentation you will get a better understanding how you are part of the entire cyber crime economy.

David Jacoby, senior security researcher, Kaspersky Lab

Jurassic datorpark – nya hot i en alldeles vanlig it-miljö

Var finns de stora it-säkerhetsbristerna i en större organisation? Hur skapar man ordning? Och hur man kan organisera sig så att bristerna inte uppstår? Johanna Mannung, säkerhetsarkitekt på Polismyndigheten, reder ut saken.

Johanna Mannung, säkerhetsarkitekt, Polismyndigheten

Avslutande keynote: Dare King – Leveraging the Power of Public Data for Cyber Defense

Cyber defense strategies are often inwardly focused. Companies and people spend large sums of money on tools and software to protect their perimeter and the data within. Ms. King flips that paradigm and looks at the big picture; what goes on outside of the borders and how it can be leveraged to defend assets, organizations, and data. This presentation focuses on the nearly infinite data source available in the public domain (social media, deep/dark web, blogs, commercial data sets and more) and how it can be leveraged to enhance cyber defense strategies. Given the wide reach and inextricable link to virtually every company, location, and person on the globe, Publicly Available Data (PAI) cannot be ignored and must be considered in achieving a comprehensive cyber defensive posture.

Dare King, Executive Vice President, Babel Street

AW, mingel och skarpt nätverkande 

Avsluta dagen på topp och häng kvar en stund i vårt utställningsområde och mingla med deltagare, talare och partners. Smält dagens upplevelse, dela insikter och njut av något gott att dricka.