Roundtable Discussions (50 minutes each; tables change once, so each participant can attend 2 different roundtables)
Roundtable 1: A SOC arsenal: Tools, use cases and challenges
Lorenzo Corsini, Founder of Pilatum IT Security Services GmbH
Lorenzo provides advisory services as an independent consultant. Before becoming an independent advisor, he worked at an Italian MSSP for 8+ years, leading the SOC and antifraud department.
Whether you have tens of different solutions or just a couple of them, technology is a fundamental part of a SOC.
This is why every SOC needs and has its own arsenal. Let’s discuss the features we require, what we expected to receive, whether those expectations were met and, if not, how we handled it.
- Which tool helped you the most?
- Which one was the most difficult to implement or operate?
- What considerations do we make before choosing one tool over another?
- How do we keep the arsenal up to date with the attackers' TTPs and our operations model?
- Can those tools keep up with modern paradigms such as the DevOps approach and microservices architecture?
- Do we need to shape our processes depending on the arsenal we have?
Let’s try to establish a common ground and come up with the core technological feature every SOC / IR Team needs in its arsenal.
Roundtable 2: The Evolution of the SOC: Evolving Security Operations for Business Resilience
Mo Cashman, Director ATS & Principal Engineer EMEA, Trellix
Whether a government or private enterprise, we all face risk from Advanced Persistent Threats and Nation-State groups.
These attackers are fast and complex. They require you to have more than common preventative controls in your security architecture and simple monitoring of alerts as a sec ops strategy. They require you to be not just proactive but adaptable in your security strategy. So, what does that mean for the future of Sec Ops?
In this roundtable we want to discuss how organizations can evolve their SOC capability towards an adaptable model and how XDR can help address some of the key challenges on that journey.
Roundtable 3: SOC - from zero to hero (your favourite SOC setup, automation, staffing, skills, technology)
George Necola, Head IT Security and Architecture, Cembra Money Bank AG
I will show you how we go down this path, what challenges we had and what experiences we have had. Then let's discuss together what experiences you have already had and what we can learn from each other to get from “zero to hero”.
Roundtable 4: Work in the SOC - can it be fun?
Michael Gysi, Senior Information Security Officer, SIX Group and Owner of Thorin CSM GmbH
Working in a SOC is a challenge, but it can also be very monotonous and perhaps boring at times. How can you make this work interesting for the employees? What do employees expect and what makes them (or you) satisfied and fulfilled?
Let's develop ideas together and exchange experiences so that working in a SOC becomes fun.