Tuesday 10 September 2019, 10:00am - 06:00pm
To facilitate and ensure open discussions (Chatham House Rules), attendance is restricted to SOC Managers, CERT and CSIRT teams & CISOs representing Critical Infrastructure Operators & Vital Sectors; National Cyber Security Centers & Government Institutions; ISACs [Information Sharing and Analysis Centers]; and LSEC Members active in Security Operations or Research. This event is Invitation Only, the registration page is password protected. If you feel that you fit the profile and can contribute to the discussions but did not receive a personal invitation, please request your access code via the event registration page.
Often, the biggest problem facing Security Operations Centers is not an inability to detect security threats, but rather how to address those threats. With their reliance on manual processes and disconnected solutions, security analysts remain overwhelmed with [false] alerts and lack the power to be effective at their jobs. There is an increased need to coordinate multiple security products and processes across the organization to manage tools and processes effectively, and to ensure a streamlined task flow from detection to threat response and remediation. Implementing Security Orchestration enables organizations to collect security threat data and alerts from different sources; free up resources for important tasks by automating repetitive tasks; ensure a faster response to incidents by automating integration, investigation & response; and have a stronger defense with the integration of existing security infrastructure. Having said that, security orchestration is not a plug-and-play wonder solution. Effective security orchestration requires a tightly organization that provides robust capabilities across a multitude of components. At the end of the day, the effectiveness of orchestration is only as strong as the weakest link.
- Bridging the Gap between alert overload and analyst capacity
- Security operations end to end
- Playbooks for Security Orchestration
- Gathering and consolidating data from multiple security controls
- Incident Response flows with security automation
- Virtualization & Dashboarding supporting security analysts
- Wouter Joosen, full professor in distributed systems at the Dept. of Computer Science of KU Leuven, co-founder of Ubizen [now Verizon] and Chairman of the Board at Inmanta: Wouter Joosen is full professor in distributed systems at the Dept. of Computer Science of KU Leuven. He has also co-founded two spin-off companies: Luciad, a company specialized in software for Geographical Information Systems, and Ubizen (now part of Verizon Business Solutions), where he was the CTO from 1996 till 2000, and COO from 2000 till 2002. Wouter currently is Chairman of the Board at Inmanta, a technology and solutions provider for telecom that developed a service orchestrator that coordinates the automated deployment and management of all machines, services and networks, across vendors and technologies. Inmanta is a spin-off company of KU Leuven.
- Alain Sanchez, Senior Evangelist, Office of the CISO at Fortinet: Alain Sanchez has 20 years of executive engagement experience in the Network and Telecommunications domain. In December 2018, Alain joined the Fortinet CISO office from the Huawei Global Consulting Department, where he was in charge of the Digital Transformation Practice, advising the boards of companies like Virgin Media, Telcel, INWI, Vodafone UK and China Mobile as these Service Providers targeted the enterprise segment with B2B Cloud and Security offerings. Alain held executive positions in Alcatel-Lucent, Accenture, BT-Global Services and Nortel. Alain Sanchez graduated from the University of Technology of Compiegne with a degree in Biological Engineering complemented by a Master's degree in industrial processes.
- Stefan Bogdanis, Phantom SE at Splunk [Security Orchestration, Automation and Response]: Stefan works within the Security Orchestration, Automation and Response team of Splunk in the UK. He is an InfoSec Technical Consultant/Solution Architect with a history in the computer software industry and telecoms. Stefan is skilled in Information Security Architecture (Security Operations, Application Security and Data Security), Internet Protocol Suite and Risk Management. Stefan has a Master of Science (MS) focused in Networks and Computer Systems Security from University of Greenwich.
- Marcel Kosters, Security Engineer at FireEye [abstract will follow]
- Prescriptive Security Operation Center, from reactive to pro-active SOC | Madlin Dos Santos, Senior Cyber Security Solution Architect & Competence Lead for Prescriptive Security Operation Centers at ATOS: Madlin dos Santos is Senior Cyber Security Solution Architect and Competence Lead for Prescriptive Security Operations Centers. During his presentation he will give insight into the evolution of Cyber Attacks and the need to automate SOC activities, and to use Threat Intelligence for Threat Intelligence-driven cyber protection and response. He will present and show a demo of how to use Big Data Analytics (ML/AI) as input for Security Orchestration tooling for optimal visibility and automation of repetitive tasks within a SOC tooling environment. Furthermore, he will give insight into the Prescriptive SOC proposition from Atos to apply in critical OT and IT environments.
- Incident Response flows with security automation by IBM Resilient | Joerg Stephan, SOC/SIEM consultant IBM Security Services and Jesmina Asserti, Risk strategy consultant IBM Security Services: The availability of threat intelligence has massively helped improve the detection of security events. Security Orchestration offers the platform required to integrate security tooling and threat information and establish common response procedures and metrics. This is necessary to ensure a quick and standardized response to modern-day security incidents. In this session Joerg and Jesmina will cover how IBM Resilient, which has stood its ground in many service environments, has helped improve incident response methods and procedures. They will also explain how to use this intelligence to enrich your risk management strategy and improve your time to audit.
- Ulrich Seldeslachts, CEO LSEC: Ulrich Seldeslachts is the executive director of LSEC, a not-for-profit industry association focused on Information Security in Europe, based out of Belgium. Since 2012, LSEC has been leading industrial developments in transactional security and cyber security. Based upon its prior expertise in IT Systems Security and cyber security, LSEC is playing an active role in the development of security policies and practices in the domain. Prior to LSEC, Ulrich was responsible for the corporate development of a US-European Broadband wireless operator, a broadband internet operator, a security engineering company, and many other innovative projects. He is a corporate advisor to various VCs in security, telecoms, ICT and media. He works as an independent columnist for various professional publications. Ulrich holds a BA in Communication Sciences, postgraduates in Computer Sciences and Economics and an MBA from LBS.
Attendees – Restricted Audiences
- CISO, Security Manager, SOC Manager, CERT and CSIRT team
- Security analyst representing Critical Infrastructure Operators, Vital Sectors / Significant Market Operators
- National Cyber Security Centers & Government Institutions
- LSEC Members from the vendor & research community
Special Thanks to LSEC Member and Host of the Day Atos Belgium
Da Vincilaan 5
1930 Zaventem, Brussels