SIGS 3rd Roundtable Afternoon & Barbecue 

Join us on September 5th, 2024 and earn 5 CPEs

(registration will be closed September 4th, 2024)
The summer happening for all cyber security professionals and those who want to become one!
10 different roundtable discussions (see schedule below) and you can participate in three different ones. At all tables there will be a co-moderator from us who will ensure that the quality of the discussions will be valuable!

Afterwards we will enjoy a delicious barbecue together and as well a lovely summer evening together. Participation is free, which means you will get the fee back after the event if you have taken part.


Looking forward to see you there,
your SIGS team



As always: sales peoples (incl. CEO's and Founders), vendors and all peoples who just like to sell their products or services are not allowed to take part at SIGS events.

As we have a limited number of places and our primary goal remains to bring end customers together to exchange know-how and experience, we will no longer be able to accept registrations from consulting companies from August 29th and hope for your understanding!
EVENTPARTNER


Location
Eventalm
Meienbreitenstrasse 9
Rümlang (near Airport)


DATE & TIME
September 5th, 2024, 1:30 pm - open end incl. dinner

Transfer & Parking
There's a shuttle from the train station in Rümlang available.
Parking lots at the location are available for free.

Participation Fee
For free
We request EUR 99.-- during registration but you will get your money back after your participation.
A BIG THANK YOU TO OUR SPONSORS WHO MAKE THIS PLATFORM HAPPEN!
MAIN SPONSOR
STANDARD SPONSOR
AND REALLY LOOKING FORWARD TO PRESENT
THE FOLLOWING STARTUPS ONSITE!
1:30 pm
Registration & welcome coffee
2:15 PM
Welcome & short introduction from the organization incl. elevator pitches from some hopefully interesting start ups
3:00 PM
Start of first round of discussions for around 50 minutes. There will be 10 roundtables and you can attend at three different tables/topics.


Roundtable 1: Benny Lakunishok, CEO and Co-Founder of Zero Networks
Co-moderated by Michael Gysi, Cyber Security Consultant at Thorin Cyber Security Management

How to Ruin an Attacker’s Day: Start with Network Segmentation and Finish with Identity
In today's threat landscape, a multi-faceted cybersecurity strategy is crucial to blocking ransomware and halting lateral movement. By integrating network and identity segmentation both to IT assets and OT/IOT assets with network-layer MFA, organizations can establish a robust defense against attacks while securing unmanaged OT, IoT, and IIoT devices.

Join our interactive roundtable with Benny Lakunishok to discuss key components of a modern, zero trust architecture:

  • Microsegmentation: Effectively prevent lateral movement and ransomware attacks, safeguarding your network down to the asset level and unmanageable OT/IoT/IIoT devices.
  • Identity Segmentation: Enhance security with granular access controls based on user, device, and application identities, reducing your attack surface.
  • Network-Layer MFA: Leverage just-in-time MFA to block unauthorized access even if credentials are compromised.



Roundtable 2: René Mauchle, Senior Network Security Engineer at UBS AG (sponsored by Netskope)
Co-moderated by Mark Beerends, Executive Security Consultant at Prusec GmbH

Stop the Control Puzzle on Internet and Cloud Access
Is a policy supporting multiple control points manageable? SSE, CASB, ZeroTrust, DLP, Proxy all in one policy. How to design the policy and finally implement/migrate to it. At this roundtable let's discuss:

  • What is the benefit and what the risk of the consolidation?
  • Who may owns such a policy from the governance perspective?



Roundtable 3: Phil Jacobs, Principal Intelligence Solutions Advisor at Intel 471
Co-moderated by Todd James, Head of Cyber Defense Operations, Threat Detection & Response

Intelligence Lead Threat Hunting
Learn and discuss how and why threat hunting can help the organization take a proactive stance against the most challenging threats. The discussion will focus on distilling value from threat intelligence and using it to combat ransomware, reduce dwell time, and identify control gaps. Threat hunting is a multi disciplinary practice which benefits from an open and mutual learning environment across peers and industries. Join us and help security become proactive!



Roundtable 4: Thomas Spinnler, Senior Consultant at Pyopa Cyber Security (replacement for Gutsy)
Co-moderated by Lars Ruddigkeit, CH Ambassador at Cloud Security Alliance

Navigating Vulnerability Management in Hybrid and Multi-Cloud Environments: Strategies for Success
Vulnerability management is hard, and with hybrid and multi-cloud environments, this has only gotten harder. How do you have a successful vulnerability management program when you have multiple tools, teams, and environments all operating in a DevOps world?

In this roundtable, we’ll discuss the following:
  • How do you prioritize vulnerabilities across your environment?
  • How do you define and monitor your vulnerability management processes?



Roundtable 5: James Richmond, Regional Sales Engineer Identity Protection at CrowdStrike
Co-moderated by Markus Luchsinger, Senior Cyber Risk Manager at Swiss Re

Keeping the Adversary from Logging In: Perception and Relevance of Identity Threats
One thing cannot be disputed: Identity based attacks are on the rise. However, this news is not news at all. Let’s discuss in this roundtable how identity threats are perceived, why they should get more attention and what means could be used to protect against them.



Roundtable 6: René Eberhard, Head of Business Information at SITS AG
Co-moderated by Andreas Bischoff, Head of Cyber Security Services Engineering at UBS

Real-World Governance with M365: Our Guide for Data, Identity, and Application Management
Harness the full power and governance features of M365! Our experts will show you how to implement governance processes for data, identity, and application lifecycle management to mitigate risks and meet compliance requirements.

Join the Roundtable Discussion:
  • Data Classification: Efficiently mark data sensitivity. Learn how classification impacts your business, employees, and processes.
  • Data Leakage Prevention (DLP): Prevent intentional or unintentional data leaks. Discover the capabilities, benefits, and methods of Microsoft Purview DLP and learn how it differs from cyber-threat incident management.
  • Collaboration Governance: Secure internal and external data exchange. Efficiently manage Teams, SharePoint Online, and more.
  • Data Retention: Implement compliance requirements for data retention and deletion. Understand the impact on eDiscovery processes.
  • CoPilot: Boost productivity with AI. Use proven methods to secure your data.

Our experts look forward to engaging discussions, bringing extensive organizational and technical expertise. Learn how to adapt and optimize comprehensive governance processes in your organization.



Roundtable 7: Rudy Malka, Enterprise Manager Cloud EMEA at SentinelOne
Co-moderated by Peter Kunz, IT Director Cyber Security at Hexagon

Open Discussion: Cloud Security Challenges
If you could address or improve one or just a few things in your current security implementation, what would that be and why? Let's discuss together:

  • What are your thoughts around threats like ransomware, crypto mining malware, zero day vulnerability exploits, or malware downloaded at runtime in the cloud environment?
  • How do you secure development pipelines? Implement code to cloud security?
  • How to protect Cloud Security Posture Management (CSPM) and Kubernetes Security Posture?
  • Offensive Security Engine: Can you replicate the attacker's mindset to simulate zero-day attacks?
  • And what have you?



Roundtable 8: Thomas Fürling, Enterprise Architect and CEO at e3 AG (sponsored by Symantec)
Co-moderated by Sven Schaub, Contractor and SIGS Contributor

How Does Sustainable Information Protection Work in a Hybrid World?
Experience from over 100 information security projects (classification, Data Loss Prevention (DLP), Rights Management (RMS), Cloud Access Security Brokers (CASB), Cloud Data Protection Gateway (CDPG) and the creation of Secure Access Service Edge (SASE) architectures and Zero Trust concepts.

Exchange of experience on how such initiatives are approached in a risk-reduced manner in small to very large organisations. Do's, don'ts and "best practices" can be requested from Thomas, exchanged or challenged. Although sponsored by Symantec, we can also discuss various products with their strengths and weaknesses. When is which system the right one and which factors really matter? (Spoiler - it's rarely the licence price - more on that at this roundtable).

Information protection on-premises, in the cloud and hybrid
  • How do the different tool worlds (classification, DLP, RMS, CASB, CDPG) interact?
  • Which solutions are leading and where are specific vendors without an alternative? What options do you have in this regard?
  • When is it worth buying from the cloud and where is on-premises better? Does information protection itself work in hybrid mode?
  • What does the construction and operation of such solutions cost? How can the costs be optimised?

In addition, challenge our experts, ask what you have not yet dared to ask and get the knowledge you need to make informed decisions.



Roundtable 9: Laurent Jacquemin, EMEA Field CTO of Akamai Enterprise Security Group
Co-moderated by Aleksejs Okolovskis, President ISC2 Switzerland

How Effectively are you Deploying Segmentation to Mitigate Cyberattack Risks?
Host-based segmentation has helped many big multinational companies to raise their security posture and fulfill compliance mandates. By dividing networks into smaller perimeters and isolating individual workloads, software-based segmentation solutions can narrow the scope of compliance environments, streamline regulatory audits, and restrict access to sensitive information while delivering unparalleled visibility into network traffic and data flows. Enforcing a Zero Trust policy — which is the ultimate goal — begins with understanding the assets being protected and how they are (and should be) communicating with one another. This also allows granular policies to restrict lateral movement and prohibit malicious behavior.

Join us to discuss the following questions:
  • Where should I start with implementing Zero Trust?
  • Have you reached your limits or failed with the approach of traditional segmentation (firewalls/VLANs)?
  • Ever wanted to understand how your DC communicates and gain better visibility?
  • About Ransomware - How does software-based segmentation protect us, and how does it differ from AV/EDR/XDR solutions?



Roundtable 10: Alain Mowat, Head of Research and Development at Orange Cyberdefense
Co-moderated by Leomar Viegas Junior, Exam Content Developer (EMEA) at ISC2

Dealing with 0-Days
While performing an intrusion test, hackers occasionally discover new unknown vulnerabilities for which no know solution exists yet (0-day). They might affect a custom-built application for a specific customer, or a wide-spread component used by many.

During certain red team assessments, it may even take several weeks or months to develop a specific exploit targeting a newly discovered vulnerability to break into a customer’s environment. While the process is interesting for the researcher, the value for the customer is minimal.

However, ignoring the fact that a 0-day might be used to gain access to a system is not ideal either, so let’s discuss how 0-days should be handled:

  • Is it worthwhile searching for them?
  • How should they be reported?
  • Can we simulate their discovery?


3:50 PM
Short break and change the roundtables
4:00 PM
2nd turn roundtable discussions
4:50 PM
Short break and change the roundtables
5:10 PM
3rd turn roundtable discussions
6:00 PM
Apéro, Barbecue & networking till open end
Roundtable Moderators
Below you will find our contributors and speakers to whom
we say a big thank you!
René Eberhard
Head of Business Information at SITS AG
Further information at René Eberhard | LinkedIn
Thomas Fürling
Enterprise Architect & CEO at e3 AG
Further information at Thomas Fürling | LinkedIn
Jacob Graves
Director of Solutions Architecture at Gutsy
Further information at Jacob Graves | LinkedIn
Philip Jacobs
Principal Intelligence Solutions Advisor at Intel471
Further information at Phil Jacobs | LinkedIn
Laurent Jacquemin
EMEA Field CTO of Akamai Enterprise Security Group
Further information at Laurent Jacquemin | LinkedIn
Benny Lakunishok
Co-Founder and CEO at Zero Networks
Further information at Benny Lakunishok | LinkedIn
Rudi Malka
Enterprise Manager Cloud EMEA at SentinelOne
Further information at Rudy Malka | LinkedIn
René Mauchle
Senior Network Security Engineer at UBS AG
Further information at René Mauchle | LinkedIn
Alain Mowat
Head of Research and Development at Orange Cyberdefense
Further information at Alain Mowat | LinkedIn
James Richmond
Regional Sales Engineer Identity Protection at CrowdStrike
Further information at Jason Richmond | LinkedIn
SIGS Contributors & Co-Moderators
To ensure that the discussions run smoothly and, above all, that no sales discussions take place, we have a co-moderator at each roundtable who ensures the quality for us.
Mark Beerends
Executive Security Consultant at Prusec GmbH
Further information at Mark Beerends | LinkedIn
Andreas Bischoff
Head of Cyber Security Services Engineering at UBS AG
Further information at Andreas Bischoff | LinkedIn
Don Codling
Cyber Security Advisor at Codling Group (USA)
Further information at Don Codling | LinkedIn
Michael Gysi
Cyber Security Consultant at Thorin Cyber Security Management
Further information at Michael Gysi | LinkedIn
Todd James
Head of Cyber Defense Operations, Threat Detection & Response at Swisscom AG
Further information at Todd James | LinkedIn
Peter Kunz
IT Director Cyber Security at Hexagon
Further information at Peter Kunz | LinkedIn
Markus Luchsinger
Senior Cyber Risk Manager at Swiss Re
Further information at Markus Luchsinger | LinkedIn
Aleksejs Okolovskis
President ISC2 Switzerland
Further information at Aleksejs Okolovskis | LinkedIn
Sven Schaub
Contractor and SIGS Contributor
Further information at Sven Schaub | LinkedIn
Thomas Spinnler
Senior Consultant at Pyopa Cyber Security
Further information at Thomas Spinnler | LinkedIn
Leomar Viegas Junior
Exam Content Developer (EMEA) at ISC2
Further information at Leomar Viegas | LinkedIn
Contact Us
If you have any questions or you like to get information about further events, please do not hesitate to contact us!
 Join us on September 5th
We look forward to hosting you!

Processing Registration...