Event Recording

Alexei Balaganski - Containers, Microservices, APIs: The Latest DevOps Security Trends

Show description
Speaker
Alexei Balaganski
Lead Analyst & CTO
KuppingerCole
Alexei Balaganski
Alexei is an analyst with specific focus on cybersecurity and Artificial Intelligence. At KuppingerCole, he covers a broad range of security-related topics: from database, application and API security to security analytics, information protection, and AI-based security automation. He holds a...
View profile
Playlist
Cybersecurity Leadership Summit 2018 Europe
Event Recording
Tim Hobbs - DevOps & Service Layers
Dec 18, 2018

IAM products are highly configurable systems tailored to the diverse needs of customer environments and applications. Modern applications require short development cycles and IAM systems that can be adjusted at the same pace. Modern data centers are configuration-driven, resilient environments designed to meet rapidly changing application needs, and modern IAM solutions must be in line with this paradigm.

Introducing traditional IAM products into cloud containers is not a simple "lift and shift" operation, as it once was with the virtual machine infrastructure. Today's micro-service-enabled, service-mesh-oriented infrastructure expects simple, resilient, self-discovery services instead of brittle monoliths that rely on manual configuration.

Operating IAM products with a DevOps setting in terms of automation, repeatability, and continuous improvement is possible through close collaboration between IAM, application, and infrastructure experts.

Event Recording
Chris Burtenshaw - User Behaviour Analytics (UBA) - The Enterprise Value Proposition
Dec 18, 2018

This session explores what UBA is and the value it brings to enterprise security in context of other common controls and tools.  Chris will give some history of how user activity monitoring has changed, and its challenges, and the state today. Finally, we will discuss how this is changing and what to look out for as organisations are consuming more cloud-based services.

Event Recording
Martin Kuppinger - User Behaviour: The Link between CyberSecurity and Identity Management
Dec 18, 2018

An increasing number of attacks, both external cyber-attacks and internal attacks, are well-thought-out and long-running. Particularly external, targeted attacks rely on the use of zero-day-exploits, which factually are yet unknown exploits. Thus, standard approaches such as signature-based analysis don’t help – you can’t detect what you don’t know. On the other hand, malicious behavior of internal users is hard to detect. Commonly, existing entitlements are used, but not as they should be used. Both challenges can be addressed by analyzing the user behavior and identifying anomalies and outliers. There are various technologies for doing so, focusing on network traffic, privileged user behavior, or access to unstructured data. All of these deliver to the one target: Mitigating risk of attacks. 

Event Recording
Maximilian Möhring - Die Zukunft Digitaler ID ist Dezentral – Aber Nicht Blockchain
Dec 04, 2018

Die Identitätslandschaft ist voll von IAM-Systemen, Identifikations- und Authentifizierungsanbietern, verschiedenen Technologiestandards und wird durch nationale sowie branchenspezifische Normen geregelt.

Die Lösung für dieses Problem ist die Interoperabilität der Lösungen indem der Markt vereint wird und die Integration bestehender Identitätsanbieter vereinfacht wird. Obwohl Blockchain neue ID-Lösungen liefern kann, löst sie nicht die Kernproblematik des Identitätsmarktes. Revolution wird durch die Evolution des bestehenden Marktes erreicht, nicht durch einen Big Bang.

Event Recording
Richard Bell - Developing a Strategy for Managing Incidents
Dec 18, 2018

For many years now, the management of incidents has been a challenging, dynamic and somewhat accidental in response. Today, whatever the threat we face, there is zero margin for errors if affected and excuses are certainly a thing of the past. Planning for the worst-case scenario is now commonplace, yet is it tested? and who is involved? Developing the right strategy for your organisation and its operations is key to continued success and minimising the impact of any incident. This presentation intends to encourage the consideration of different approaches, thinking, and conversations upon your return to your organisation.

Event Recording
Marko Vogel - Cyber Security as Part of Industry 4.0
Dec 18, 2018

 - More aggressive, complex and well organized: Cyber threat landscape on the rise

- Cyber Security – added value for industry 4.0?

- Industry 4.0 needs company-specific security strategies

Event Recording
Panel - AI and the Future of Cybersecurity
Dec 18, 2018

 Advanced analytical technologies will help organizations in their fight against cyber-attacks. These technologies assist in detecting potential attacks at an earlier stage, as well as enabling the identification of complex attack patterns that span various systems. In this panel we will discuss the role of AI in the future of cybersecurity, possibilities of using it as a weapon by adversaries and the possibility of developing preventing techniques using Machine Learning and Deep Learning. 

Event Recording
Cybersecurity Innovation Night 2018 - Machine Learning & Deep Learning for Secure Future
Dec 20, 2018

Every year the number of cyber attacks is increasing. The types of targets include just about everyone, ranging from Fortune 500 companies, small and medium-sized businesses, critical infrastructure, and government agencies.

Cyber-attacks are becoming more sophisticated as well as growing in frequency. Up to a million new malware variants are created every day. Each new threat group can be significantly different from previous ones and can be used in damaging attacks around the world.

The Cybersecurity Innovation Night will focus on cutting-edge approaches and advanced solutions in the various areas of cybersecurity by utilizing Machine Learning (ML) and Deep Learning (DL) technologies. ML and DL have had many successful applications in image recognition and language processing, and now these techniques are the fastest growing trends in cybersecurity. These tools are gaining more traction in cybersecurity because they facilitate more efficient analysis and allow faster, automated responses to various threats.

The slam-style talks will present various approaches of combating cyber attacks and cybercrime using ML and DL techniques. Slammers will entertain and at the same time, try to convince the crowd that the world will be a safer place with their contribution.

Event Recording
Panel - Future of Critical Infrastructure Security
Dec 18, 2018

More often we hear about the devastating effects the attack on critical infrastructure can have on the citizens of an affected city or a country. Yet we don't see large scale attacks yet being conducted. Panellist will discuss possible threats in todays world as well as the ways private sector and governments can collaborate to prevent such assaults on critical infrastructure.

Event Recording
Gal Helemski - How a Policy Based Approach Dramatically Improved Access Control and Authorization
Dec 18, 2018

Hear how a leading multinational Financial institution was able to evolve from Role Based Access Control (RBAC) to the new paradigm, Policy Based Access Control (PBAC), and learn what challenges this solved, and the ROI they were able to see from using PBAC.

Event Recording
Dragan Pendic - Path to Zero Trust Security - Data Veracity, When Truth Is Essential and Trust Optional
Dec 18, 2018

Businesses are more data-driven than ever, but inaccurate and manipulated information threatens to compromise the insights that companies rely on to plan, operate, and grow. Unverified digital resource is a new type of vulnerability - one that is 

chronically overlooked by digital enterprises. With autonomous, data-driven decision making, the potential harm from unverified digital resources become an enterprise-level existential threat. And then, there's a wider cybersecurity aspect and how to address the following:

- Data provenance verification - the history of data from its origin throughout its lifecycle (cradle to grave)

- Data Integrity verification - continually maintain good health  and predictable state of data

- Data context usage - keep an eye on behaviour and context around data's use

Event Recording
Peter Dornheim - Build Up a Security Operation Center and Provide Added-Value to Business Operations
Dec 18, 2018

Make or buy? Budget annihilator or business driver? Only 2 questions which must be answered when building up a Security Operation Center. How to address these questions and how to start a project to establish a Security Operation Center in a traditional German manufacturing company is content of this session.

- Start small, think big: Understand how to start a SOC project and deliver an added-value fast - Think big: Identify a SOC target vision which maps to your individual company situation - Be prepared: Learn about typical challenges during the SOC ramp-up process