Event Recording

Panel - Zero Trust Paradigm for the Future of Security

Speakers
Morey J. Haber
Chief Security Officer
BeyondTrust
Morey J. Haber
Morey J. Haber is the Chief Security Officer at BeyondTrust. He has more than 25 years of IT industry experience and has authored four books: Cloud Attack Vectors, Privileged Attack Vectors, Asset Attack Vectors, and Identity Attack Vectors. He is a founding member of the industry group...
View profile
Max Heinemeyer
Director Of Threat Hunting
Darktrace
Max Heinemeyer
Max is a cyber security expert with over eight years’ experience in the field specializing in network monitoring and offensive security. He is frequently quoted on cyber-related issues on publications like Wired, The Telegraph, Forbes and other high-profile publications. At Darktrace, Max...
View profile
Darran Rolls
Research and Advisory Fellow
KuppingerCole / Cloud 10
Darran Rolls
Mr. Darran Rolls is a research and advisory Fellow at KuppingerCole and an independent consulting advisor. He has a long history in Identity Management and Security at companies ranging from Tivoli Systems - IBM, Waveset Technologies, Sun Microsystems and SailPoint...
View profile
Playlist
Cybersecurity Leadership Summit 2020
Event Recording
Paolo Comi, Nadia Fabrizio: Quantum Secured Blockchain
Nov 13, 2020

This talk aims to share the experience achieved during Q-Secure Net, a 2020's project co-financed by the European Institute of Technology (EIT) and Italtel, Cefriel, Politecnico di Milano, CNR, UPM and Telefonica. Q-Secure Net will provide a cost-effective and flexible network solution for unconditionally secure communication services based on Quantum Key Distribution (QKD) thought for fiber-optic networks.

The talk will also present an application of Blockchain Atomic Swaps for the exchange of securities and cryptocurrencies, developed in the project and based on QKD. Atomic Swaps have great potentials for financial scenarios regarding securities, crypto exchanges and cryptocurrencies but have specific security threats.

The QKD market is expected to grow over $980 million by 2024. In the long term, the QKD will be strategic for the design of new architectures in many sectors like telco, defence and transports and 5G sectors. QKD's infrastructural security and its ability to mitigate cyber-risks, also allow a whole new class of approaches and applications for Decentralised Finance.

 

 

Key Takeaways:

-          QKD Features

-          Capabilities for Fintech applications

-          Atomic Swap and Crypto Exchanges

-          How QKD can mitigate risk in applications like smart contracts for Decentralised Finance Scenarios (for example in the Atomic SWAP use case)

Event Recording
Markus Malewski, Joerg Hesske: No Chance for Hackers and Spies. Why Thyssenkrupp Takes a Completely Different Approach to Security
Nov 20, 2020

Markus Malewski, Head of SOC / SIEM at thyssenkrupp gives an insight how thyssenkrupp re-formed the Security division after the Winnti attack in 2016, why the company is so well prepared for current and future challenges and how the solutions of Elastic help to achieve those. Jörg Hesske, AVP CEMEA at Elastic shows how Elastic Security helps SecOps teams to protect their company against threats quickly and precisely with an integrative security approach.

Event Recording
Elastic Security Workshop Part I - Unified Protection for Everyone
Nov 19, 2020

Learn how the latest security capabilities in the Elastic Stack enable interactive exploration, incident management and automated analysis, as well as unsupervised machine learning to reduce false positives and spot anomalies — all at the speed and scale your security practitioners need to defend your organization. Additionally, we'll be talking about the new protection and detection capabilities of the free Elastic Endpoint, now also part of Elastic Security, as well as EQL - the event query language, which brings new query and detection capabilities to Elastic Security.

Event Recording
Dr. Mariarosaria Taddeo: Trusting AI in Cybersecurity: A Double-Edged Sword
Nov 13, 2020

Applications of artificial intelligence (AI) for cybersecurity tasks are attracting greater attention from the private and the public sectors. Estimates indicate that the market for AI in cybersecurity will grow from US$1 billion in 2016 to a US$34.8 billion net worth by 2025. The latest national cybersecurity and defence strategies of several governments explicitly mention AI capabili- ties. At the same time, initiatives to define new standards and certification procedures to elicit users’ trust in AI are emerging on a global scale. However, trust in AI (both machine learning and neural networks) to deliver cybersecurity tasks is a double- edged sword: it can improve substantially cybersecurity practices, but can also facilitate new forms of attacks to the AI applica- tions themselves, which may pose severe security threats. We argue that trust in AI for cybersecurity is unwarranted and that, to reduce security risks, some form of control to ensure the deployment of ‘reliable AI’ for cybersecurity is necessary. To this end, we offer three recommendations focusing on the design, development and deployment of AI for cybersecurity.

Event Recording
Ioannis Chrysakis: The CAP-A Best Practice: Towards Enabling a Privacy-Friendly Apps Market by Applying a Crowdsourcing-Based Evaluation Approach
Nov 16, 2020
Event Recording
Martin Rohrer: Cyber Navigation in Turbulent Times – How Cyber Maturity Assessments Provide a Sense of Direction
Nov 13, 2020

When navigating a big ship, it is crucial to know your position and the course you set. In this case, the ship is a symbol for a company planning its investment in cyber security. In practice, the overall strategic view is often obscured or missing. An assessment of the cyber maturity level will give a better understanding of the position as well as the direction, considering the specific risks. A risk-based approach allows investments in cybersecurity to have the greatest possible, measurable impact.

Event Recording
Stefan Würtemberger: The Road to Zero Trust After a Cyber-Incident
Nov 12, 2020
Event Recording
Jean-Christophe Gaillard: The Cyber Security Skills Gap: Real Problem or Self-inflicted Pain?
Nov 12, 2020

You don’t have to go far these days to find security professionals complaining about skills shortages, and countless media outlets relaying their views. But there are at least two sides to this argument and the situation requires a more balanced approach. The security industry needs to rebuild its narrative to attract more raw talent at all levels.

Event Recording
Panel - Accelerating Digital Transformation with Secure Cloud Access
Nov 12, 2020
Event Recording
Berthold Kerl: Top 2021 Cyber Topics: Results From a Recent KC Survey
Nov 13, 2020

In this talk, you will learn about the results of the recent KuppingerCole Survey on top Cybersecurity Topics for 2021.

Event Recording
Enrico Frumento: IT-OT Convergence of Security
Nov 12, 2020

Experts define Operational Technology (OT) as «hardware and software that detects or causes a change, through the direct monitoring and/or control of industrial equipment, assets, processes and events.»

OT differs from IT, in terms of functionalities, the culture of operators and threats. In recent months, we witness an increasing convergence of IT and OT systems. This area is a novel and rapidly expanding one for both cybercrime and industry. Recent IBM’s 2020 X-Force Threat Intelligence Index summarizes that attacks targeting operational technology (OT) infrastructure increased by over 2000 per cent in 2019 compared to the previous year. The COVID-19 pandemic accelerated these trends: it is the digital accelerant of the decade and accelerated companies’ digital transformations by approximately a global average of 6 years.

For example, one of the impacts of COVID-19 –at least until a vaccine is discovered– is the reduction of on-site staff. In the case of OT systems, this put a strain on the already limited resources and required an increase in external connectivity. The result is the numerous industrial plants exposed to, for example, ransomware attacks.

 

From a bird-fly point of view, IT and OT are still missing a holistic approach that includes cybersecurity, physical security and cyber-physical security, an integrated cyber-risk estimation and governance models able to span across IT and OT domains. Overall the primary need concentrates around as reconciliation of IT Security (typically built on Confidentiality-Integrity-Availability paradigm) with OT Cybersecurity (which fundamental properties are instead Safety-Reliability-Productivity).

 

 

Key Takeaways:

-          Status of IT and OT security

-          long term impacts of the pandemic on the digital transformation agenda of industry

-          Main challenges and trends for the IT and OT security

-          Some possible solutions

Event Recording
Matt Berzinski: Choosing the Right IAM solution to secure your Hybrid Cloud Environment
Nov 12, 2020

In 2020 organizations have been forced to accelerate their digital transformation plans to meet the needs of a more digital engaged end user. From remote workforces to shifts to online commerce, nearly every industry has had to adopt to this new reality. This has resulted in rapid cloud service adoption and a need for integration of existing on-premises investments with them. But today's Hybrid Cloud reality needs a comprehensive security policy that encompasses newly acquired cloud technologies all the way down to legacy on premises applications which provide business critical capabilities. In this presentation, we will discuss the characteristics needed in an Identity and Access Management platform that will allow organizations to quickly get address new security issues while allowing for a smooth digital transformation at their own pace.