Official Event Sponsor
Meet with and be inspired by like-minded peers who face a similar set of challenges. Share strategies for mitigating the most current information security threats. A friendly, relaxed and professional atmosphere will ensure that you leave this event with a new wealth of trust-based contacts and tangible takeaways.
The unique strength of this event is that members can feel free to share concerns, successes, and feedback in a one-to-one environment.
This is a ‘must attend’ event for all security operation professionals! We are confident that the relationships you develop here will prove to be crucial to your continuing success. So do not wait and register!
Looking forward to see you there,
your SIGS team
As always: sales peoples (incl. CEO's and Founders), vendors, consulting companies like the big4 and all peoples who just like to sell their products or services are not allowed to take part at SIGS events.
The unique strength of this event is that members can feel free to share concerns, successes, and feedback in a one-to-one environment.
This is a ‘must attend’ event for all security operation professionals! We are confident that the relationships you develop here will prove to be crucial to your continuing success. So do not wait and register!
Looking forward to see you there,
your SIGS team
As always: sales peoples (incl. CEO's and Founders), vendors, consulting companies like the big4 and all peoples who just like to sell their products or services are not allowed to take part at SIGS events.
Location
Hilton Zürich Airport
Hohenbühlstrasse 10
8152 Opfikon-Glattbrugg
Hohenbühlstrasse 10
8152 Opfikon-Glattbrugg
DATE & TIME
March 30th, 2023, 1:00 pm - open end incl. dinner
Airport Transfer & Parking
There's a shuttle bus from the airport available.
Parking lots at the hotel are available for free.
Parking lots at the hotel are available for free.
Schedule
1:00 pm
Registration
1:30 PM
Welcome & short introduction from the background organization
1:30 PM
Presentation 1: Milad Aslaner, Senior Director, Global CISO at SentinelOne
Navigating the Sea of Threat Intelligence Information: Strategies for Effective Analysis
Threat intelligence is a critical component of any mature information security program, but the sheer amount of information available can be overwhelming. Sorting through credible sources and separating the signal from the noise is a major challenge for many threat intelligence initiatives.
In this presentation, we'll explore the top challenges when analyzing threat intelligence information, including information overload, a lack of context and actionability, and difficulty distinguishing between credible and non-credible sources. We'll also provide practical strategies for overcoming these challenges and making the most of your threat intelligence information.
Navigating the Sea of Threat Intelligence Information: Strategies for Effective Analysis
Threat intelligence is a critical component of any mature information security program, but the sheer amount of information available can be overwhelming. Sorting through credible sources and separating the signal from the noise is a major challenge for many threat intelligence initiatives.
In this presentation, we'll explore the top challenges when analyzing threat intelligence information, including information overload, a lack of context and actionability, and difficulty distinguishing between credible and non-credible sources. We'll also provide practical strategies for overcoming these challenges and making the most of your threat intelligence information.
2:00 PM
Presentation 2: Michal Goldshtein, Director Security Architecture and Research at Palo Alto Networks
Operationalizing Threat Intelligence through Automation
As organizations work tirelessly on improving their security programs, understanding how to apply threat intelligence in a way which will give most value is key.
In this session, we’ll cover how to apply threat intelligence effectively to incident investigation and response as well as for the proactive prevention of future attacks. You will leave this session with actionable insights on how to create a curated and centralized threat library, manage the full intelligence lifecycle and leverage the power of automation.
Operationalizing Threat Intelligence through Automation
As organizations work tirelessly on improving their security programs, understanding how to apply threat intelligence in a way which will give most value is key.
In this session, we’ll cover how to apply threat intelligence effectively to incident investigation and response as well as for the proactive prevention of future attacks. You will leave this session with actionable insights on how to create a curated and centralized threat library, manage the full intelligence lifecycle and leverage the power of automation.
2:30 PM
Dr. Paul Vixie, Godfather of DNS
Privacy Preserving Telemetry Collection and Analysis
The Swiss Federal Data Protection Act, like Europe's GDPR, is meant to discourage the broad collection of data whose collation and analysis would identify or track real persons or to predict the activities of real persons. As generally understood, these laws would seem to prohibit collection of real time Internet metadata such as Domain Name System flows, which are vital to the investigation of cybercrime.
At SIE Europe U.G., a not-for-profit company incorporated in Germany, we have developed a privacy preserving data collection method that identifies no real persons but which facilitates broad analysis of the Internet system and its criminal uses. In this talk, Dr. Paul Vixie will briefly explain why SFDPA and GDPR are well reasoned, how DNS functions, how DNS flows can be safely collected and indexed, and what sorts of investigations are possible in any similar "passive DNS" system.
The Swiss Federal Data Protection Act, like Europe's GDPR, is meant to discourage the broad collection of data whose collation and analysis would identify or track real persons or to predict the activities of real persons. As generally understood, these laws would seem to prohibit collection of real time Internet metadata such as Domain Name System flows, which are vital to the investigation of cybercrime.
At SIE Europe U.G., a not-for-profit company incorporated in Germany, we have developed a privacy preserving data collection method that identifies no real persons but which facilitates broad analysis of the Internet system and its criminal uses. In this talk, Dr. Paul Vixie will briefly explain why SFDPA and GDPR are well reasoned, how DNS functions, how DNS flows can be safely collected and indexed, and what sorts of investigations are possible in any similar "passive DNS" system.
3:15 PM
Break
3:45 PM
Roundtable 1: Mathieu Louvet, former Global Head of Cyber Defense & Cyber Threat Intelligence
How Threat Intelligence can raise the level of Cyber Security Maturity
A highly experienced and internationally minded Information Security professional with a 15-year career at Philip Morris International (Switzerland), Samsung Electronics (Korea), and Wavestone Consulting (France) to provide a deep oversight of all elements of an Information Security & Data Privacy program. During his career, Mathieu built and led global and diverse teams in the field of Cyber Defense blending Threat Hunting, Red Teaming, Vulnerability Management, Security Operations, and Cyber Incident Response activities at speed and scale thanks to Automation, Orchestration, and Threat Intelligence.
The roundtable will be a possibility to discuss opportunities and challenges linked to the development of Cyber Threat Intelligence capabilities in organizations who aim to raise their level of cyber security maturity.
Roundtable 2: Bernhard Distl, Cyber Security Expert at SIX Group
Cyber Threat Intelligence make or buy / make AND buy
This round table will focus on sourcing of threat intelligence information. In the beginning, many companies focus on external providers. However, much value can be generated from the data you already have in your company. We will discuss the chances, benefits and pitfalls of leveraging internal data for cyber threat intelligence as well as combining such data with externally sourced cyber threat intelligence.
Roundtable 3: Mark Furner, Cyber Threat Intelligence Analyst at Credit Suisse AG
Cyber Threat Intelligence: set-up, harnessing stakeholders and IT security, getting started
Most companies starting a CTI service will have experience in IT and cyber security, and experienced professionals in these areas. Most FINMA-regulated firms will have risk officers and experience in assessing risks. But now risk should be directed by threats – what is outside, threatening the company, this needs to inform the company’s understanding of risk. How to harness existing resources to set up a CTI service, what are the requirements? This is a discussion, though based on certain pre-requisites that CTI needs, rather than a presentation of ready-made formulas.
Mark is a Cyber Threat Intelligence Analyst at Credit Suisse, with experience in various branches of IT security and fraud since turn of the century. He is an enthusiastic member of the SIGS forum and is convinced that sharing threat intelligence and security information can make the community stronger.
Roundtable 4: Mark Barwinski, Global Head of Cyber Operations at UBS AG
2023 Challenges to Cyber Threat Intelligence – According to ChatGPT
ChatGPT was asked about emerging challenges for Cyber Threat Intelligence in 2023. The answer was worth considering during this panel discussion.
Increasing complexity and data volume, and the shortage of skilled analysts are topics which have been discussed extensively over the years. But regenerative artificial intelligence and natural language engines have the potential to dramatically change this field within a relatively short window of time. This technology can rapidly alleviate pain points related to massive data analysis and correlation, analyst shortages, and cyber threat intelligence report writing.
Lets explore together, and perhaps with the assistance of ChatGPT, the dramatic and likely changes coming our way.
How Threat Intelligence can raise the level of Cyber Security Maturity
A highly experienced and internationally minded Information Security professional with a 15-year career at Philip Morris International (Switzerland), Samsung Electronics (Korea), and Wavestone Consulting (France) to provide a deep oversight of all elements of an Information Security & Data Privacy program. During his career, Mathieu built and led global and diverse teams in the field of Cyber Defense blending Threat Hunting, Red Teaming, Vulnerability Management, Security Operations, and Cyber Incident Response activities at speed and scale thanks to Automation, Orchestration, and Threat Intelligence.
The roundtable will be a possibility to discuss opportunities and challenges linked to the development of Cyber Threat Intelligence capabilities in organizations who aim to raise their level of cyber security maturity.
Roundtable 2: Bernhard Distl, Cyber Security Expert at SIX Group
Cyber Threat Intelligence make or buy / make AND buy
This round table will focus on sourcing of threat intelligence information. In the beginning, many companies focus on external providers. However, much value can be generated from the data you already have in your company. We will discuss the chances, benefits and pitfalls of leveraging internal data for cyber threat intelligence as well as combining such data with externally sourced cyber threat intelligence.
Roundtable 3: Mark Furner, Cyber Threat Intelligence Analyst at Credit Suisse AG
Cyber Threat Intelligence: set-up, harnessing stakeholders and IT security, getting started
Most companies starting a CTI service will have experience in IT and cyber security, and experienced professionals in these areas. Most FINMA-regulated firms will have risk officers and experience in assessing risks. But now risk should be directed by threats – what is outside, threatening the company, this needs to inform the company’s understanding of risk. How to harness existing resources to set up a CTI service, what are the requirements? This is a discussion, though based on certain pre-requisites that CTI needs, rather than a presentation of ready-made formulas.
Mark is a Cyber Threat Intelligence Analyst at Credit Suisse, with experience in various branches of IT security and fraud since turn of the century. He is an enthusiastic member of the SIGS forum and is convinced that sharing threat intelligence and security information can make the community stronger.
Roundtable 4: Mark Barwinski, Global Head of Cyber Operations at UBS AG
2023 Challenges to Cyber Threat Intelligence – According to ChatGPT
ChatGPT was asked about emerging challenges for Cyber Threat Intelligence in 2023. The answer was worth considering during this panel discussion.
Increasing complexity and data volume, and the shortage of skilled analysts are topics which have been discussed extensively over the years. But regenerative artificial intelligence and natural language engines have the potential to dramatically change this field within a relatively short window of time. This technology can rapidly alleviate pain points related to massive data analysis and correlation, analyst shortages, and cyber threat intelligence report writing.
Lets explore together, and perhaps with the assistance of ChatGPT, the dramatic and likely changes coming our way.
4:45 PM
Change the table for the second round of discussions
5:45 PM
Panel Discussion moderated by Paul Vixie about the impressions of this afternoon with all speakers/moderators
6:30 PM
Apéro riche incl. networking and know how sharing till open end
Speakers & Moderators
Below you will find our speakers and moderators to whom we say a big thank you !
Mark Barwinski
Global Head of Cyber Operations at UBS AG
Further information at Mark Barwinski | LinkedIn
Mark Furner
Cyber Threat Intelligence Analyst at Credit Suisse AG
Further information see above
Mathieu Louvet
former Global Head of Cyber Defense & Cyber Threat Intelligence
Further information at Mathieu Louvet | LinkedIn
Milad Aslander
Senior Director, Global Fiel CISO at SentinelOne
Further information at Milad Aslaner | LinkedIn
Michal Goldshtein
Director, Security Architecture and Research at Palo Alto Networks
Further information at Michal Goldshtein | LinkedIn
Contact Us
If you have any questions or you like to get information about further events, please do not hesitate to contact us!