Restricted audience: This event aims to unite stakeholders in the areas of cyber threat intelligence, information sharing & critical infrastructure protection. To facilitate and ensure open discussions, attendance is limited to LSEC Expert Members (Cyber Threat Intelligence experts and academia) ; ISACs (Sharing Information Sharing and Analysis Centers), CISO's and security experts representing Vital Sectors, and European Government - and CERT organizations.
Active Defense (ACD)
Proactive cyber defence or active cyber defence (ACD) means acting in anticipation to oppose an attack against computers and networks. Some of the reasons for a proactive defence strategy are about cost and choice. Making choices after an attack are difficult and costly. Proactive defence is key to mitigating operational risk.
Cyber Threat Intelligence (CTI)
Following the ‘Big Data’ discussions that gripped the security market, now cyber threat intelligence (CTI) has become one of the hot topics in the industry. Moving the big data discussion from security issue to security enabler is a natural evolution, as mining data from internal and external sources can be of major assistance to security teams. Applying CTI correctly, they will be better prepared for current and future threats, reduce false positive security alerts and better respond to security incidents, just to name a few. From a business perspective, CTI can improve communication between security teams and business / management, support the organization to apply more business – driven security and risk management, and make better informed security investment strategies, decisions and priorities.
In addition, CTI paves the way for information sharing initiatives between CERT organizations, government, vital sectors and security vendors, supporting ISAC's and public - private partnerships and collaborations.
But CTI is not a magic box. Collected data is only useful when it is researched, analyzed and disseminated properly; CTI must be consumable and actionable in order for it to be useful. Without this, even the best CTI in the world is nothing more than interesting, and that does not mean that it’s useful.
So what are the bottlenecks? What are the benefits and how can you take full advantage of them? What is the current state-of-the-art in technology, approaches and research? These are some of the questions that will be covered during this seminar. And you are welcome to join us, thursday 14 January, at the IBM Forum in Brussels.
Introduction by Ulrich Seldeslachts, CEO LSEC - Leaders In Security
Ulrich Seldeslachts, CEO of LSEC (BE): CTI then, now and in the future
Ulrich is executive director of LSEC, a not for profit industry association focused on Information - and cyber security in Europe, based out of Belgium. Since 2012, LSEC has been leading industrial developments in cyber security; including cyber threat intelligence and information sharing. With LSEC, Ulrich was one of the founding partners of the ACDC - Project, Europe's first action against botnets.
CTI and Cyber Security Challenges in 2016.
Freddy DEZEURE, Head of CERT EU
Freddy Dezeure graduated as a Master of Science in Engineering in 1982. He was CIO of a private company from 1982 until 1987. After joining the European Commission in 1987, he has held a variety of management functions in administrative, financial and operational areas, in particular in information technology. He set up the CERT for the EU institutions, agencies and bodies in 2011. Since then, he has been Head of CERT-EU
Carsten Dietrich, Senior Engineering Manager at the IBM Lab, Developer of the X-Force Exchange
Carsten Dietrich is the Senior Engineering Manager behind the new, free and open cyber threat intelligence platform of IBM: X-Force Exchange, created in the IBM Lab in Kassel
Erik, de Jong, Lead Expert Cybercrime at Fox-IT (NL)
Erik de Jong is a security professional with very diverse experience in the field. In his current position, Erik is responsible for FoxCERT. Previously, Erik has held positions as incident handler and security advisor for the Dutch National Cyber Security Center (previously Govcert.nl)
Stuart Laidlaw, CEO of Cyberlytic (UK): Applying Real- Time Expert Decision Support to prioritise high risk cyber attacks
Stuart is Co-Founder and CEO of UK- based Cyberlytic, and developed an expert learning decision support tool that uses Artificial Intelligence techniques to provide real‐time risk Assessment of cyber-attacks
Antonio Forzieri, EMEA Cyber Security Practice Lead - Symantec (Italy)
At Symantec Antonio Forzieri is responsible for the Cyber Security offering for EMEA from a technology perspective. Previously Antonio worked in Symantec as a Security Practice Manager, running the security technology sales team in Italy. Before joining Symantec, Antonio worked for a number of Italian companies with EMEA wide responsibilities dealing with Compliance, Endpoint Security, Data Loss Prevention, Encryption, Ethical Hacking, Fraud Management and Security Education topics. Amongst other activities, Antonio supports public and private organization during significant security outbreaks and fraud investigations. Antonio holds a degree in Telecommunication Engineering from Politecnico di Milano where he is also a lecturer for the course “Internet: Mobility and Security” and he teaches the Master Class “Fraud Management” for the Security Specialist Master at CEFRIEL.
Pepijn Janssen, CTO of RedSocks (NL) : Detecting and defeating next generation malware
Cyber criminals manage to stay ahead in the rat race against security teams, by obfuscating their activities against traditional prevention tools. Today, all experts agree that proper security requires at a minimum continuous monitoring of network traffic, a complex and intensive procedure. To ease up the monitoring process analysts should be able to focus only on non-legit traffic. But how should they do that? Utilizing reputation based Ip feeds, implementing anomaly detection and addressing the human factor (skills) should be key here. But threat intelligence solutions deliver a variety in quality and focus; anomaly detection requires a learning curve; and skilled personnel is hard to find (and keep!) these days. Pepijn will address these challenges in his presentation, and present some of the best practices and insights in threat intelligence today.
About Pepijn: Pepijn is the CTO, Founder and inventor behind the RedSocks malware threat defender; a solution that enables organizations to track malware real – time in their networks. Prior to RedSocks, Pepijn Janssen has built a long and impressive track record in fighting malware for law enforcement agencies
Joep Gommers, Founder and CEO of EclecticIQ / formerly Intelworks (NL) : Intelligence Powered Defense
Joep Gommers is a Dutch security and intelligence professional from the Netherlands. Joep became known among security professionals after an article of his writing appeared on the technology-related news website slashdot on January 23, 2006, stating that "current approaches to Information Security are fundamentally wrong". With this, and other ideas, he gives talks at conferences, universities and communities throughout Europe.
Intended Audiences (Restricted Audience) & Registration:
-CISO’s / Security Managers - representatives from vital sectors
-Government / CERTS
-ISAC’s – Vital Sectors representatives
-LSEC Expert Members: Cyber Threat Intelligence Experts from Industry and Academia
Participation is free of charge upon prior registration,
with special thanks to LSEC - Member and host of the day, IBM Security for making this event possible