Event Recording

Peter Dornheim - Build Up a Security Operation Center and Provide Added-Value to Business Operations

Show description
Speaker
Peter Dornheim
Head of IT Security
SAP
Peter Dornheim
After several stations in a SAP Consulting company (finally as Manager for SAP Security) and IT Security Architect at Daimler AG, Peter Dornheim is now the Head of IT Security at SAP AG. He is responsible for the operational implementation of IT Security measures and Cyber Security defense.
View profile
Playlist
Cybersecurity Leadership Summit 2018 Europe
Event Recording
Dr. Frank Dudek - Accelerating Cybersecurity – Is Your Information Security Program Up to Speed?
Dec 18, 2018

Internet content providers rely on fast, modern webapps and feature-rich web frameworks to drive customers to their sites. In a landscape of accelerating change and continuous code deployment, my keynote will discuss how a company’s cybersecurity program must evolve to remain effective in such fast-paced environments. 

Event Recording
Panel - Achieving Consistent Enterprise Security
Dec 18, 2018

In this discussion the panellists will speak about the types of attacks which enterprises should expect in coming years. The ways of DevOps integration into an enterprise security program will also be discussed together with best practice highlights.

Event Recording
Martin Lum - Dezentralisierte Blockchain Identität BYODID ohne Zwischenhändler
Dec 04, 2018

Viele der neuen DID und Self-Sovereign Identitäts-Konzepten verlangen weitreichende neue Strukturen und Verfahren. Ihr Schwerpunkt ist der Austausch maschinell lesbarer Identitäts-Unterlagen zwischen Behörden und vertrauenden Geschäftspartnern. Anstatt Zwischenhändler abzuschaffen, so wie von den Blockchain Propheten versprochen, werden neue Führungsnetzwerke aufgebaut um technische Neuigkeiten traditionell zu verwalten.

Event Recording
Cybersecurity Innovation Night 2018 - Machine Learning & Deep Learning for Secure Future
Dec 20, 2018

Every year the number of cyber attacks is increasing. The types of targets include just about everyone, ranging from Fortune 500 companies, small and medium-sized businesses, critical infrastructure, and government agencies.

Cyber-attacks are becoming more sophisticated as well as growing in frequency. Up to a million new malware variants are created every day. Each new threat group can be significantly different from previous ones and can be used in damaging attacks around the world.

The Cybersecurity Innovation Night will focus on cutting-edge approaches and advanced solutions in the various areas of cybersecurity by utilizing Machine Learning (ML) and Deep Learning (DL) technologies. ML and DL have had many successful applications in image recognition and language processing, and now these techniques are the fastest growing trends in cybersecurity. These tools are gaining more traction in cybersecurity because they facilitate more efficient analysis and allow faster, automated responses to various threats.

The slam-style talks will present various approaches of combating cyber attacks and cybercrime using ML and DL techniques. Slammers will entertain and at the same time, try to convince the crowd that the world will be a safer place with their contribution.

Event Recording
Panel - Future of Critical Infrastructure Security
Dec 18, 2018

More often we hear about the devastating effects the attack on critical infrastructure can have on the citizens of an affected city or a country. Yet we don't see large scale attacks yet being conducted. Panellist will discuss possible threats in todays world as well as the ways private sector and governments can collaborate to prevent such assaults on critical infrastructure.

Event Recording
Dimitri Chichlo - What is the Role of a CISO in 2020?
Dec 18, 2018

In the past years, a CISO would mainly be chosen among the IT staff who expressed his interest for information security or by arbitrarily promoting someone from the inside to please the auditors with filling a headcount gap. Tasks and skills were mainly technical, focusing on patching, administering firewalls and installing antiviruses. With the years though, companies have made their IT systems the backbone of their businesses. Similarly, criminality has shifted to exploit online systems. Combination of both realities now requires that CISOs possess and demonstrate core competencies that allow them transforming the essence of their job from infrastructure protector to business enabler. In this keynote, we will explore how and why CISOs should now focus on value creation instead of value protection, getting from a defensive to a proactive approach.

Event Recording
Panel - Risk Assessment and Security Design
Dec 18, 2018

Zero Trust Security assumes that nothing in a companies ITinfrastructure like including users, endpoint devices, networks, and resources, is ever trusted. All interactions must be verified to decrease the chance of a security breach. Zero Trust Security ensures secure access to resources while significantly reducing the possibility of access by bad actors. In this paneldiscussion we will discuss the considerations companies should make before implementing Zero Trust Security and Zero Trust Security by Design.

Event Recording
Martin Kuppinger - User Behaviour: The Link between CyberSecurity and Identity Management
Dec 18, 2018

An increasing number of attacks, both external cyber-attacks and internal attacks, are well-thought-out and long-running. Particularly external, targeted attacks rely on the use of zero-day-exploits, which factually are yet unknown exploits. Thus, standard approaches such as signature-based analysis don’t help – you can’t detect what you don’t know. On the other hand, malicious behavior of internal users is hard to detect. Commonly, existing entitlements are used, but not as they should be used. Both challenges can be addressed by analyzing the user behavior and identifying anomalies and outliers. There are various technologies for doing so, focusing on network traffic, privileged user behavior, or access to unstructured data. All of these deliver to the one target: Mitigating risk of attacks. 

Event Recording
Mans Hakansson - Beyond OAuth: Securing APIs with Policies & Attribute-Based Access Control
Dec 18, 2018

Attribute Based Access Control (ABAC), OAuth 2.0 and OpenID Connect (OIDC) are complementary standards that can be used individually or in concert to offer comprehensive access control for applications that are built using microservice and API approaches. -API security basics -Avoiding bad security practices -Overcoming OAuth limitations -Managing authorization as a microservice

Event Recording
Workshop - Mobile Apps und Single Sign-On
Dec 04, 2018

Wenn es um die Integration von Mobile Apps in die Single Sign-On-Umgebung geht, dann entstehen oft Interessenskonflikte zwischen Designern, der IT-Sicherheit und dem, was der Kunde wirklich möchte.

Welchen Einfluss hat das gewählte Login-Verfahren auf die Sicherheit und welche Ansätze haben sich in der Praxis bewährt? Wie kann ein Kompromiss aussehen, der sowohl den Kunden zufriedenstellt, aber trotzdem ein ausreichendes Sicherheitsniveau bietet? Erfahren Sie, welche Best Practices es gibt und welche Rolle OAuth 2.0 dabei spielt.

Event Recording
Peter Gyongyosi - Can You Trust UBA? -- Evaluating Machine Learning Algorithms in Practice
Dec 18, 2018

The promise of every security solution is to detect the next attack, but verifying that claim is almost impossible. Attacks are extremely rare and tend to change: the ability to catch attacks that happened in the past say little about the ability to find things that will happen in the future and those breached are unlikely to share information and data about how that happened. In this presentation I will show the different approaches and metrics we found to measure the efficiency of the unsupervised machine learning algorithms commonly used in UBA products.

Event Recording
Cybersecurity Leadership Summit 2018 Europe Summary
Nov 14, 2018