Start of first round of discussions for around 50 minutes. There will be 10 roundtables and you can attend three different tables/topics.
Roundtable 1: Benny Lakunishok, CEO and Co-Founder of Zero Networks
Co-moderated by Michael Gysi, Cyber Security Consultant at Thorin Cyber Security Management
How to Ruin an Attacker’s Day: Start with Network Segmentation and Finish with Identity
In today's threat landscape, a multi-faceted cybersecurity strategy is crucial to blocking ransomware and halting lateral movement. By integrating network and identity segmentation both to IT assets and OT/IoT assets with network-layer MFA, organizations can establish a robust defense against attacks while securing unmanaged OT, IoT, and IIoT devices.
Join our interactive roundtable with Benny Lakunishok to discuss key components of a modern, zero trust architecture:
- Microsegmentation: Effectively prevent lateral movement and ransomware attacks, safeguarding your network down to the asset level and unmanageable OT/IoT/IIoT devices.
- Identity Segmentation: Enhance security with granular access controls based on user, device, and application identities, reducing your attack surface.
- Network-Layer MFA: Leverage just-in-time MFA to block unauthorized access even if credentials are compromised.
Roundtable 2: René Mauchle, Senior Network Security Engineer at UBS AG (sponsored by Netskope)
Co-moderated by Mark Beerends, Executive Security Consultant at Prusec GmbH
Stop the Control Puzzle on Internet and Cloud Access
Is a policy supporting multiple control points manageable? SSE, CASB, ZeroTrust, DLP, Proxy all in one policy. How to design the policy and finally implement/migrate to it. At this roundtable let's discuss:
- What is the benefit and what is the risk of the consolidation?
- Who may own such a policy from the governance perspective?
Roundtable 3: Phil Jacobs, Principal Intelligence Solutions Advisor at Intel 471
Co-moderated by Todd James, Head of Cyber Defense Operations, Threat Detection & Response
Intelligence Lead Threat Hunting
Learn and discuss how and why threat hunting can help the organization take a proactive stance against the most challenging threats. The discussion will focus on distilling value from threat intelligence and using it to combat ransomware, reduce dwell time, and identify control gaps. Threat hunting is a multidisciplinary practice which benefits from an open and mutual learning environment across peers and industries. Join us and help security become proactive!
Roundtable 4: Thomas Spinnler, Senior Consultant at Pyopa Cyber Security (replacement for Gutsy)
Co-moderated by Lars Ruddigkeit, CH Ambassador at Cloud Security Alliance
Navigating Vulnerability Management in Hybrid and Multi-Cloud Environments: Strategies for Success
Vulnerability management is hard, and with hybrid and multi-cloud environments, this has only gotten harder. How do you have a successful vulnerability management program when you have multiple tools, teams, and environments all operating in a DevOps world?
In this roundtable, we’ll discuss the following:
- How do you prioritize vulnerabilities across your environment?
- How do you define and monitor your vulnerability management processes?
Roundtable 5: James Richmond, Regional Sales Engineer Identity Protection at CrowdStrike
Co-moderated by Markus Luchsinger, Senior Cyber Risk Manager at Swiss Re
Keeping the Adversary from Logging In: Perception and Relevance of Identity Threats
One thing cannot be disputed: Identity-based attacks are on the rise. However, this news is not news at all. Let’s discuss in this roundtable how identity threats are perceived, why they should get more attention and what means could be used to protect against them.
Roundtable 6: René Eberhard, Head of Business Information at SITS AG
Co-moderated by Andreas Bischoff, Head of Cyber Security Services Engineering at UBS
Real-World Governance with M365: Our Guide for Data, Identity, and Application Management
Harness the full power and governance features of M365! Our experts will show you how to implement governance processes for data, identity, and application lifecycle management to mitigate risks and meet compliance requirements.
Join the Roundtable Discussion:
- Data Classification: Efficiently mark data sensitivity. Learn how classification impacts your business, employees, and processes.
- Data Leakage Prevention (DLP): Prevent intentional or unintentional data leaks. Discover the capabilities, benefits, and methods of Microsoft Purview DLP and learn how it differs from cyber-threat incident management.
- Collaboration Governance: Secure internal and external data exchange. Efficiently manage Teams, SharePoint Online, and more.
- Data Retention: Implement compliance requirements for data retention and deletion. Understand the impact on eDiscovery processes.
- CoPilot: Boost productivity with AI. Use proven methods to secure your data.
Our experts look forward to engaging discussions, bringing extensive organizational and technical expertise. Learn how to adapt and optimize comprehensive governance processes in your organization.
Roundtable 7: Rudy Malka, Enterprise Manager Cloud EMEA at SentinelOne
Co-moderated by Peter Kunz, IT Director Cyber Security at Hexagon
Open Discussion: Cloud Security Challenges
If you could address or improve one or just a few things in your current security implementation, what would that be and why? Let's discuss together:
- What are your thoughts around threats like ransomware, crypto mining malware, zero day vulnerability exploits, or malware downloaded at runtime in the cloud environment?
- How do you secure development pipelines? Implement code to cloud security?
- How to protect Cloud Security Posture Management (CSPM) and Kubernetes Security Posture?
- Offensive Security Engine: Can you replicate the attacker's mindset to simulate zero-day attacks?
- And what have you?
Roundtable 8: Thomas Fürling, Enterprise Architect and CEO at e3 AG (sponsored by Symantec)
Co-moderated by Sven Schaub, Contractor and SIGS Contributor
How Does Sustainable Information Protection Work in a Hybrid World?
Experience from over 100 information security projects (classification, Data Loss Prevention (DLP), Rights Management (RMS), Cloud Access Security Brokers (CASB), Cloud Data Protection Gateway (CDPG) and the creation of Secure Access Service Edge (SASE) architectures and Zero Trust concepts).
Exchange of experience on how such initiatives are approached in a risk-reduced manner in small to very large organisations. Do's, don'ts and "best practices" can be requested from Thomas, exchanged or challenged. Although sponsored by Symantec, we can also discuss various products with their strengths and weaknesses. When is which system the right one and which factors really matter? (Spoiler - it's rarely the licence price - more on that at this roundtable).
Information protection on-premises, in the cloud and hybrid
- How do the different tool worlds (classification, DLP, RMS, CASB, CDPG) interact?
- Which solutions are leading and where are specific vendors without an alternative? What options do you have in this regard?
- When is it worth buying from the cloud and where is on-premises better? Does information protection itself work in hybrid mode?
- What does the construction and operation of such solutions cost? How can the costs be optimised?
In addition, challenge our experts, ask what you have not yet dared to ask and get the knowledge you need to make informed decisions.
Roundtable 9: Laurent Jacquemin, EMEA Field CTO of Akamai Enterprise Security Group
Co-moderated by Aleksejs Okolovskis, President ISC2 Switzerland
How Effectively are you Deploying Segmentation to Mitigate Cyberattack Risks?
Host-based segmentation has helped many big multinational companies to raise their security posture and fulfill compliance mandates. By dividing networks into smaller perimeters and isolating individual workloads, software-based segmentation solutions can narrow the scope of compliance environments, streamline regulatory audits, and restrict access to sensitive information while delivering unparalleled visibility into network traffic and data flows. Enforcing a Zero Trust policy — which is the ultimate goal — begins with understanding the assets being protected and how they are (and should be) communicating with one another. This also allows granular policies to restrict lateral movement and prohibit malicious behavior.
Join us to discuss the following questions:
- Where should I start with implementing Zero Trust?
- Have you reached your limits or failed with the approach of traditional segmentation (firewalls/VLANs)?
- Ever wanted to understand how your DC communicates and gain better visibility?
- About Ransomware - How does software-based segmentation protect us, and how does it differ from AV/EDR/XDR solutions?
Roundtable 10: Alain Mowat, Head of Research and Development at Orange Cyberdefense
Co-moderated by Leomar Viegas Junior, Exam Content Developer (EMEA) at ISC2
Dealing with 0-Days
While performing an intrusion test, hackers occasionally discover new unknown vulnerabilities for which no known solution exists yet (0-day). They might affect a custom-built application for a specific customer, or a widespread component used by many.
During certain red team assessments, it may even take several weeks or months to develop a specific exploit targeting a newly discovered vulnerability to break into a customer’s environment. While the process is interesting for the researcher, the value for the customer is minimal.
However, ignoring the fact that a 0-day might be used to gain access to a system is not ideal either, so let’s discuss how 0-days should be handled:
- Is it worthwhile searching for them?
- How should they be reported?
- Can we simulate their discovery?