(registration will be closed August 23rd, 2023 - seats are limited)
Meet with and be inspired by like-minded peers who face a similar set of challenges. Share strategies for mitigating the most current information security threats. A friendly, relaxed and professional atmosphere will ensure that you leave this event with a new wealth of trust-based contacts and tangible takeaways.
The unique strength of this event is that members can feel free to share concerns, successes, and feedback in a one-to-one environment.
This is a ‘must attend’ event for all security operation professionals! We are confident that the relationships you develop here will prove to be crucial to your continuing success. So do not wait and register!
Looking forward to see you there,
your SIGS team
As always: sales peoples (incl. CEO's and Founders), vendors, consulting companies like the big4 and all peoples who just like to sell their products or services are not allowed to take part at SIGS events.
The unique strength of this event is that members can feel free to share concerns, successes, and feedback in a one-to-one environment.
This is a ‘must attend’ event for all security operation professionals! We are confident that the relationships you develop here will prove to be crucial to your continuing success. So do not wait and register!
Looking forward to see you there,
your SIGS team
As always: sales peoples (incl. CEO's and Founders), vendors, consulting companies like the big4 and all peoples who just like to sell their products or services are not allowed to take part at SIGS events.
Location
Eventalm
Meienbreitenstrasse 9
Rümlang (near Airport)
Meienbreitenstrasse 9
Rümlang (near Airport)
DATE & TIME
August 24th, 2023, 2:30 pm - open end incl. dinner
Transfer & Parking
There's a shuttle from the train station in Rümlang available.
Parking lots at the location are available for free.
Parking lots at the location are available for free.
Participation Fee
We request EUR 99.-- during the registration. You will get your money back if you where there.
A BIG THANK YOU TO OUR SPONSORS WHO MAKE THIS PLATFORM HAPPEN!
Main Sponsor
Standard Sponsors
Start Up Park
Schedule
2:30 pm
Registration & welcome coffee
3:30 PM
Welcome & short introduction from the organization
4:00 PM
Start of first round of discussion for around 50 minutes. There will be 10 different roundtables and you can attend at two different tables means topics.
Roundtable 1: Andreas Wuchner, Field CISO at Panaseer & Morgan Thompson, Security Associate Director, Accenture Switzerland
The drivers and challenges to automating data-driven cyber controls monitoring and reporting
Data is king. But, proactively reporting on Security Posture, Controls Status, Tools Coverage, and exposure to Threat Scenarios is a recurring time sink for cyber professionals, risk managers, and asset owners. Automating data collection, analysis and reporting is the obvious answer, but there's a lack of standardization or acceptance on how to create such a data-driven capability in cybersecurity. And - it's a hard technical challenge to engineer for your unique business.
Let's explore:
- the increasing internal and external pressures for standing up such an initiative,
- what folk have done so far,
- what controls you care most about monitoring,
- how long we can get away with manual reporting,
- and the key business objections and technical challenges that are getting in the way.
Roundtable 2: Jay Christiansen, Manager and Lead of the Mandiant EMEA Red Team
Know your enemy, become your Enemy
To defeat your enemy, you must become your enemy" is an old, slightly exaggerated saying - but for modern cyber security it is mostly true. By performing Red Team engagements, thinking and behaving like the real threat actors it is possible to discover attacks and risks otherwise not considered by organisations. But at the same time, Red Teams often have to fight against a different reality than the one faced by real attackers; hemmed in by regulation and scoping, this paradox can give a false sense of security. So how do we balance and use the adversarial emulation best?
After a decade of threat intelligence-led Red Teaming we can look to what's next, how we can evolve our approaches and gain even more value out of the Red Teams.
Roundtable 3: Elier Cruz, Global Enterprise Security Architect, Check Point
Building Bridges: Integrating Zero Trust, Cybersecurity Mesh, and AI
In this roundtable we discover how to weave together Zero Trust, Cybersecurity Mesh, and AI into a robust cybersecurity fabric. We'll discuss the synergies and potential conflicts, share best practices, and outline a roadmap to successful integration, equipping you with the insights to enhance your security strategy.
Roundtable 4: Maurits Lucas, Director of Product Marketing at Intel471
Target CTI Professionals across multiple industries
Gaining access to corporate networks has become big business in the underground, as it enables ransomware attacks, hacktivists, data theft, extortion and a host of other threats. Join as us we discuss how you can become proactive in ensuring that your perimeter does not offer attackers any opportunity to penetrate your security by looking at current best practices for staying secure.
Roundtable 5: Stephan Gerling, Senior Security Researcher in the Industrial Control Systems Cyber Emergency Response Team (ICS CERT) at Kaspersky
Challenges in OT security – the rise of new cyber theats for industrial companies
The current situation around cyber threats remains tense - a huge risk for organizations of all kinds, but especially for companies operating in the industrial environment. Uninterrupted operation is a top priority for industrial systems, where every minute of downtime counts. However, with growing connectivity and automation of processes, the risk of becoming a victim of a cyberattack increases at the same time.
This is one of the reasons why the requirements of industrial companies and those of organizations from other sectors differ considerably. Only a multi-layered cybersecurity strategy that is specifically tailored to protect OT environments and also takes into account employee training as the first line of defense can provide comprehensive security. Join our upcoming roundtable and learn how this approach can be successfully put into practice.
Roundtable 6: Brian de la Vega, IT System Engineer at Endress+Hauser Group & SentinelOne
Continuous and risk-based protection mechanisms for OT endpoints
How can you find and implement different global detection measures for malware and ransomware on OT-related endpoints? Providing comprehensive protection for OT environments is challenging because a wide range of requirements must be met: Operation on legacy operating systems, AirGaped management, analysis on endpoints and not only in cloud environments, and excellent learning capabilities.
Find out how an international manufacturing company overcame this challenge by looking at a real-life example.
Roundtable 7: Raj Samani, SVP / Chief Scientist at Rapid7
Understanding and Mitigating Cyber Attacks: Insights from the Ongoing MOVEit Exploitation
Exploited in the Wild: What does the recent vulnerability disclosures reveal about the future demands placed on security teams? From File transfer solutions to Security gateways, the reality is that criminals are actively exploiting organizations with previously unknown vulnerabilities. This session will examine recent disclosures and what needs to be done to move from alert fatigue to realistic prioritisation of critical alerts.
Roundtable 8: Marc Doudiet, Senior Director Global Incident Response at Kudelski Security & Julian Kanitz, Lead Sales Engineer DACH at Recorded Future
(Details will follow)
Roundtable 9: Alain Mowat, Head of Audit Division at SCRT
(Details will follow)
Roundtable 10: xxx
Roundtable 1: Andreas Wuchner, Field CISO at Panaseer & Morgan Thompson, Security Associate Director, Accenture Switzerland
The drivers and challenges to automating data-driven cyber controls monitoring and reporting
Data is king. But, proactively reporting on Security Posture, Controls Status, Tools Coverage, and exposure to Threat Scenarios is a recurring time sink for cyber professionals, risk managers, and asset owners. Automating data collection, analysis and reporting is the obvious answer, but there's a lack of standardization or acceptance on how to create such a data-driven capability in cybersecurity. And - it's a hard technical challenge to engineer for your unique business.
Let's explore:
- the increasing internal and external pressures for standing up such an initiative,
- what folk have done so far,
- what controls you care most about monitoring,
- how long we can get away with manual reporting,
- and the key business objections and technical challenges that are getting in the way.
Roundtable 2: Jay Christiansen, Manager and Lead of the Mandiant EMEA Red Team
Know your enemy, become your Enemy
To defeat your enemy, you must become your enemy" is an old, slightly exaggerated saying - but for modern cyber security it is mostly true. By performing Red Team engagements, thinking and behaving like the real threat actors it is possible to discover attacks and risks otherwise not considered by organisations. But at the same time, Red Teams often have to fight against a different reality than the one faced by real attackers; hemmed in by regulation and scoping, this paradox can give a false sense of security. So how do we balance and use the adversarial emulation best?
After a decade of threat intelligence-led Red Teaming we can look to what's next, how we can evolve our approaches and gain even more value out of the Red Teams.
Roundtable 3: Elier Cruz, Global Enterprise Security Architect, Check Point
Building Bridges: Integrating Zero Trust, Cybersecurity Mesh, and AI
In this roundtable we discover how to weave together Zero Trust, Cybersecurity Mesh, and AI into a robust cybersecurity fabric. We'll discuss the synergies and potential conflicts, share best practices, and outline a roadmap to successful integration, equipping you with the insights to enhance your security strategy.
Roundtable 4: Maurits Lucas, Director of Product Marketing at Intel471
Target CTI Professionals across multiple industries
Gaining access to corporate networks has become big business in the underground, as it enables ransomware attacks, hacktivists, data theft, extortion and a host of other threats. Join as us we discuss how you can become proactive in ensuring that your perimeter does not offer attackers any opportunity to penetrate your security by looking at current best practices for staying secure.
Roundtable 5: Stephan Gerling, Senior Security Researcher in the Industrial Control Systems Cyber Emergency Response Team (ICS CERT) at Kaspersky
Challenges in OT security – the rise of new cyber theats for industrial companies
The current situation around cyber threats remains tense - a huge risk for organizations of all kinds, but especially for companies operating in the industrial environment. Uninterrupted operation is a top priority for industrial systems, where every minute of downtime counts. However, with growing connectivity and automation of processes, the risk of becoming a victim of a cyberattack increases at the same time.
This is one of the reasons why the requirements of industrial companies and those of organizations from other sectors differ considerably. Only a multi-layered cybersecurity strategy that is specifically tailored to protect OT environments and also takes into account employee training as the first line of defense can provide comprehensive security. Join our upcoming roundtable and learn how this approach can be successfully put into practice.
Roundtable 6: Brian de la Vega, IT System Engineer at Endress+Hauser Group & SentinelOne
Continuous and risk-based protection mechanisms for OT endpoints
How can you find and implement different global detection measures for malware and ransomware on OT-related endpoints? Providing comprehensive protection for OT environments is challenging because a wide range of requirements must be met: Operation on legacy operating systems, AirGaped management, analysis on endpoints and not only in cloud environments, and excellent learning capabilities.
Find out how an international manufacturing company overcame this challenge by looking at a real-life example.
Roundtable 7: Raj Samani, SVP / Chief Scientist at Rapid7
Understanding and Mitigating Cyber Attacks: Insights from the Ongoing MOVEit Exploitation
Exploited in the Wild: What does the recent vulnerability disclosures reveal about the future demands placed on security teams? From File transfer solutions to Security gateways, the reality is that criminals are actively exploiting organizations with previously unknown vulnerabilities. This session will examine recent disclosures and what needs to be done to move from alert fatigue to realistic prioritisation of critical alerts.
Roundtable 8: Marc Doudiet, Senior Director Global Incident Response at Kudelski Security & Julian Kanitz, Lead Sales Engineer DACH at Recorded Future
(Details will follow)
Roundtable 9: Alain Mowat, Head of Audit Division at SCRT
(Details will follow)
Roundtable 10: xxx
4:50 PM
Short break and change the roundtables
5:10 PM
2nd turn roundtable discussions
6:00 PM
Apéro and elevator pitches from some hopefully interesting start ups
7:00 PM
Barbecue & networking till open end
Contributors & Moderators
Below you will find our contributors and speakers to whom we say a big thank you !
Contributors & Co-Moderators
Markus Luchsinger
Senior Cyber Risk Manager at Swiss Re
Further information at Markus Luchsinger | LinkedIn
Bruce Nikkel
Cybercrime Intelligence & Forensic Investigation at UBS / Professor Berner Fachhochschule
Further information at Bruce Nikkel | LinkedIn
Sven Schaub
Project Leader at Universitäre Psychiatrische Dienste Bern
Further information at Sven Schaub | LinkedIn
Roundtable Moderators
Jay Christiansen
Manager and Lead of the Mandiant EMEA Red Team
Further information at Jay Christiansen | LinkedIn
Elier Cruz
Global Enterprise Security Architect at Check Point
Further information at Elier Cruz | LinkedIn
Brian de la Vega
IT System Engineer at Endress+Hauser Group
Further information at Brian de la Vega | LinkedIn
Marc Doudiet
Senior Director Global Incident Response at Kudelski Security
Further information at Marc Doudiet | LinkedIn
Stephan Gerlings
Senior Security Researcher at Kaspersky
Further information at Stephan Gerling | LinkedIn
Julian Kanitz
Lead Sales Engineer DACH at Recorded Future
Further information at Julian Kanitz | LinkedIn
Maurits Lucas
Director of Product Marketing at Intel471
Further information at Maurits Lucas | LinkedIn
Morgan Thompson
Security Associate Director at Accenture
Further information at Morgan Thompson | LinkedIn
Contact Us
If you have any questions or you like to get information about further events, please do not hesitate to contact us!