SIGS SOC Forum

Join us on November 3rd, 2022 and earn 4.25 CPEs

(registration will be closed October 27th, 2022)
Official Event Sponsor
Meet with and be inspired by like-minded peers who face a similar set of challenges. Share strategies for mitigating the most current information security threats. A friendly, relaxed and professional atmosphere will ensure that you leave this event with a new wealth of trust-based contacts and tangible takeaways.
The unique strength of this event is that members can feel free to share concerns, successes, and feedback in a one-to-one environment.

This is a ‘must attend’ event for all security operation professionals! We are confident that the relationships you develop here will prove to be crucial to your continuing success. So do not wait and register!

Looking forward to seeing you there,
your SIGS team



As always: salespeople (incl. CEOs and founders), vendors, consulting companies like the Big 4 and all people who just want to sell their products or services are not allowed to take part in SIGS events.
Location Sponsor



LOCATION

Hardturmstrasse 3
Zürich

Date & Time

November 3rd, 2022, 2:30 pm - 9:00 pm incl. dinner
Schedule
2:30 pm
Registration
Everyone should be at the Swisscom Hardturmstrasse 3 entrance for registration by this time at the latest. We have to form a group to go to the meeting room. If you arrive late, please ask at the reception and someone will pick you up.
3:00 PM
Welcome & short introduction from the background organization
3:10 PM
Jerzy Michno, Security Sales Engineer at Trellix (formerly FireEye and McAfee Enterprise)

Cyber Threat Landscape overview for the Swiss market
The cyber-attack landscape is constantly changing. In this keynote we will give an overview of the latest cyber campaigns and the most impactful cyber threats for the Swiss market.
3:30 PM
Natalya Arbuzova, SOC Manager Threat Detection and Response at Swisscom
Welcome from the Host Sponsor and short introduction into the SOC world at Swisscom
3:45 PM
Mark Beerends, Executive Security Consultant and Owner Prusec GmbH 
Training staff in Incident Response via a tabletop exercise
To have a good response to cyber security incidents, there is a lot of focus on what technology is available in cyber space. However, besides technology, detecting and responding to a cyber-attack requires a lot of expertise, skills and training in the proper use of security tooling. Once a cyber-attack fully hits the firm, causing large business impact, there is no time to waste.

As a company you need to be resilient and prepare for attacks and, most importantly, train how you want to react as a company. You need to know how to communicate with your key stakeholders outside office hours with no access to your laptop, who can decide on high-impact changes, and to whom, what and where to report the incident. In addition, a lot of people react differently under the stress caused by a cyber crisis than they do in daily life. Luckily, this can be trained via tabletop exercises focused on the behavior of security incident response staff during a crisis simulation. With tabletop exercises you can establish and test behavior or structures under stress that will prepare staff to perform in a resilient manner during a real cyber-attack.
4:30 PM
Break 
5:00 PM
Roundtable Discussions (50 minutes each; tables change once, so each participant can attend 2 different roundtables)
Roundtable 1: A SOC arsenal: Tools, use cases and challenges
Lorenzo Corsini, Founder of Pilatum IT Security Services GmbH
Lorenzo provides advisory services as an independent consultant. Before becoming an independent advisor he worked in an Italian MSSP for 8+ years, leading the SOC and antifraud department.


Whether you have tens of different solutions or just a couple of them, technology is a fundamental part of a SOC.
This is why every SOC needs and has its own arsenal. Let’s discuss the features we require, what we expected to receive, whether those expectations were met, and if not, how we handled it.

- What’s the one which helped you the most?
- Which one was the most difficult to implement or operate?
- What are the various considerations we make before choosing one tool instead of another?
- How do we keep the arsenal up to date with the attackers' TTPs and our operations model?
- Can those tools keep up with modern paradigms such as the DevOps approach and microservices architecture?
- Do we need to shape our processes depending on the arsenal we have?

Let’s try to establish a common ground and come up with the core technological feature every SOC / IR Team needs in its arsenal.


Roundtable 2: The Evolution of the SOC: Evolving Security Operations for Business Resilience
Mo Cashman, Director ATS & Principal Engineer EMEA, Trellix

Whether a government or private enterprise, we all face risk from Advanced Persistent Threats and Nation-State groups.

These attackers are fast and complex. They require you to have more than common preventative controls in your security architecture and simple monitoring of alerts as a Sec Ops strategy. They require you not just to be proactive but rather adaptable in your security strategy. So, what does that mean for the future of Sec Ops?

In this roundtable we want to discuss how organizations can evolve their SOC capability towards an adaptable model and how XDR can help address some of the key challenges on that journey.


Roundtable 3: SOC - from zero to hero (your favourite SOC setup, automation, staffing, skills, technology) 
George Necola, Head IT Security and Architecture, Cembra Money Bank AG

I will show you how we go this way, what challenges we had and what experiences we have made. Then let's discuss together what experiences you have already made and what we can learn from each other to get from “zero to hero”.


Roundtable 4: Work in the SOC - can it be fun?
Michael Gysi, Senior Information Security Officer, SIX Group and Owner of Thorin CSM GmbH 

Working in a SOC is a challenge, but it can also be very monotonous and sometimes boring. How can you make this work interesting for the employees? What do employees expect and what makes them (or you) satisfied and fulfilled?
Let's develop ideas together and exchange experiences so that working in a SOC becomes fun.

5:50 PM
Change the table for the second round of discussions
7:00 PM
Apéro or maybe better dinner at the location including networking and hopefully great discussions till around 9:00 pm
Contributors & Speakers
Below you will find our contributors and speakers, to whom we say a big thank you!
Natalya Arbuzova
SOC Manager Threat Detection and Response, Swisscom
Natalya is an active contributor for SIGS.
Further information at Natalya Arbuzova | LinkedIn
Mark Beerends
Executive Security Consultant, Prusec
Mark is an active contributor for SIGS.
Further information at Mark Beerends | LinkedIn
Mo Cashman
Director ATS & Principal Engineer EMEA, Trellix
Further information at Mo Cashman | LinkedIn
Michael Gysi
Senior Information Security Officer, SIX Group and Owner of Thorin CSM GmbH
Further information at Michael Gysi | LinkedIn
Jerzy Michno
Security Sales Engineer, Trellix
Further information at Jerzy Michno | LinkedIn
George Necola
Head of IT Security and Architecture, Cembra Money Bank
Further information at George Necola | LinkedIn
Contact Us
If you have any questions or would like information about further events, please do not hesitate to contact us!
 Join us on November 3rd
We look forward to hosting you!
