Cyber Security Congress 2017
A rich agenda covering both technical and management matters with targeted presentations and hands-on workshops.

A focused KPMG event to address the current and emerging Cyber Security challenges.

October 26th 2017 (Day 1)
9:00 am to 12:00 pm
Workshops (By Invitation): 1:30 pm to 4:00 pm
Hilton Hotel, Nicosia

October 27th 2017 (Day 2)
Capture the Drone (CTF Game)
KPMG, Nicosia

Day 1: Conference

Morning Session
8.30 - 9.00    Registration & Coffee
9.00 - 9.15    Welcoming Address
               George Tziortzis, Head of Management Consulting, KPMG Cyprus
9.20 - 10.30   Cyber Response Live Case & Interactive Decision Making
               Ronald Heil, Director / Lars Jacobs, Manager, Cyber Security / Forensic Technology, KPMG Netherlands
10.35 - 11.15  Digitalizing Cloud Risk Management
               Olga Kulikova, Manager, Cyber Security, KPMG Netherlands
11.20 - 11.45  The Evolving Cyber Needs & KPMG's Approach
               Christos Yiacoumis, Manager, Cyber Security, KPMG Cyprus
11.45 - 12.00  Discussion Break
12.00 - 1.00   Lunch & KPMG Marketplace
               Information and Demonstrations of KPMG Services and Solutions

Afternoon Session: Workshops (By Invitation)
1.30 - 4.00    Infrastructure Control System / Red Teaming Cyber Game
               Technical Hands-on War Game / Workshop
1.30 - 4.00    Management Response & Handling Cyber Crisis Game
               Cyber Security Management Level Hands-on War Game / Workshop

Day 2: Capture the Drone Game
9.30 - 10.00   Registration & Coffee
10.00 - 3.00   Capture the Drone Game
               A drone-inspired Capture-the-Flag game. Participation aimed at university and junior hackers.

RSVP & Information
+357 22209292
inna.yakimova@kpmg.com.cy
christos.yiacoumis@kpmg.com.cy

2017 KPMG Limited, a Cyprus Limited Liability Company and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative ('KPMG Advisory Services
Sessions Overview: Day 1 - Morning Session

Cyber Response Live Case & Interactive Decision Making

Modern times require organizations to deal with cyber incidents. During this presentation we will follow the story of the response to a cyber incident and what you can do to test your own cyber response capability with red teaming. Cyber response is about asking questions and making decisions about your investigation scope based on your understanding of the incident. As cyber incidents become more complex, they not only disrupt IT service delivery but can also have a direct business impact. You will be challenged to make decisions during this presentation that will influence the outcome of the story. At the end of the presentation we will reflect on the outcome of our group decisions, giving you insight into the impact of the decisions made.

Digitalizing Cloud Risk Management

The evolving landscape of cloud services is a promising opportunity for organizations that seek to digitize their processes. However, since anyone with a credit card can purchase online services with a single click without following the approved IT processes, the amount of Shadow IT used by businesses is growing rapidly. Whether or not organizations are aware of their Shadow IT exposure, the approaches they usually take to regain control over Shadow IT are either simply forbidding such services or performing ad hoc manual risk assessments. Neither of those methods provides a sustainable risk management solution. KPMG proposes a Digital Risk Platform that automates cloud adoption processes, to help companies stay in control of the quickly changing IT landscape and get maximum transparency with minimal manual effort. During this session you will see a live demo of the Digital Risk Platform that has been in use by KPMG clients to automate their Shadow IT risk management process.
The Evolving Cyber Needs & KPMG's Approach

Cyber security is a path to growth and competitive advantage for a 21st Century Enterprise. Our current focus as a firm is on enabling a 21st Century Enterprise, where our clients seize opportunities stemming from Customer Engagement, the Changing Nature & Value of Assets, the Everything as a Service Business Model and the Workforce of the Future practices. KPMG Cyber sees the world from the client's perspective, bringing a business context to cyber security for all levels of the organization, from the boardroom to the back office. Our global approach includes end-to-end services, Cyber technology solutions, innovation management and knowledge management.
Sessions Overview: Day 1 - Afternoon Session Workshops *

Introduction

Economies and societies around the globe depend on the uninterrupted functioning of critical infrastructures, critical systems and their services. Industrial Control Systems (ICS) and other Business and Social Critical Systems (BSCS) are crucial for key processes in most organizations. Nowadays, ICS and BSCS no longer exist only in closed and benign environments. The business requirements of the 21st century often make it necessary to integrate with external systems and networks to make more efficient use of interoperability, data, machine-to-machine (M2M) communication and automation technologies. The mix of these elements creates the so-called Industrial Internet of Things (IIoT), promoting more agile ways of delivering services.

KPMG has over the years developed a realistic cyber defense simulation and training environment that is used with both executive management and operational staff to experience a simulated incident and learn how to respond to cyber threats and cyber intelligence and how to handle indicators of compromise. The environment has been developed further with the inclusion of industrial control system (ICS) simulations, with a total of 15 environments representing business environments.

Workshop 1 - Infrastructure Control System / Red Teaming Cyber Game
A Technical Hands-on War Game / Workshop

The workshop will be a hands-on interactive exercise in which a red teaming approach will be taken. Participants will be required to act on strategic, tactical and operational insights and, based on guidance, to address and defend against a cyber attack.

Participants invited include Information Security Engineers, Information Security Specialists, Technology Forensic Specialists, Information Technology Specialists, Information System Engineers, Incident Response Specialists, etc.

Technical knowledge is required.
Workshop 2 - Management Response & Handling Cyber Crisis Game
Cyber Security Management Level Hands-on War Game / Workshop

The workshop will be a hands-on interactive exercise in which management staff collaborate and exchange information to decide on and implement the required and proper response handling, to ensure business continuity of the company. They will be required to respond to actual incidents that will be simulated by KPMG. The simulation is designed in an engaging way by including use of tablets, multimedia and facilitators. During the crisis the participants are under high time pressure and are challenged to make decisions in minutes, requiring them to communicate well and act on incomplete information.

Participants invited include Executive Management, Information Security Officers, Risk Managers / Officers, Incident Response Specialists, Information Technology Managers, etc.

Technical knowledge is NOT required.

* Due to the limited seat availability, participation in the above workshops is by invitation only. The invitation can be extended to suitable individuals within the organization. Individuals who will participate must register at least five days before the event, stating their name, position within the organization and their contact information. Final allocation of participation seats will be subject to availability.
Cyber Game Simulation Participant Journey

Start: Real Life Scenario Simulation Launch
Leveraging a realistic cyber defense simulation and training environment that is used with both executive management and operational staff to experience a simulated incident and learn how to respond to cyber threats and cyber intelligence and how to handle indicators of compromise.

1 Launch
The KPMG red team launches the attack.
Participants either participate with the KPMG team or monitor their system environment in a business as usual mode.
(W2) participants are in a business as usual mode.

2 Identify
The KPMG red team continues the attack.
Participants identify the attack on their system environment and switch to a response mode.
(W2) participants are informed and invoke the incident response plan.

3 Defend
The KPMG team continues the attack.
Technical Workshop (W1) participants initiate defense mechanisms and processes and escalate any matters that require immediate decision making. They leverage existing technology solutions and tools and their own skills to defend the environment.
(W2) participants are informed of the ongoing activities, are presented with time sensitive matters to address and implement a decision making process.

4 Manage
The KPMG team escalates and varies the attack against the specific simulated target.
Participants leverage varied defense mechanisms and processes and formulate a defense and incident response strategy based on management feedback and instructions.
(W2) participants communicate among themselves and, based on the available information presented to them, make decisions that define the incident response strategy and operational activities.

5 Resolve
The KPMG team fades out the attack (depending on the success of the response).
Participants focus on sanitizing and stabilizing the environment.
(W2) participants monitor the outcome of the implementation of their instructions and evaluate.
Finish: Lessons Learned and Knowledge Sharing
Guided analysis and evaluation by reflecting on the outcome of the group decisions, providing insights into the impact of the decisions made and response actions implemented.
Sessions Overview: Day 2

Capture the Drone Game
A drone-inspired Capture-the-Flag (CTF) Game

Become part of the hacking group #AntiBridge, dedicated to stealing Drone International's newest drone that is currently flying test runs above Cambridge. In this drone-inspired CTF, it is your job to hack your way through Drone International's company network and reach the Drone Controller, from where you can let the drone land safely on a nearby field where your accomplices are waiting to steal it. But beware, Drone International has sophisticated tracking equipment powered by their own generation plant. If you want to make it out alive, you will need to shut down their factory as well.

The workshop will be a hands-on technical exercise where participants will be required to demonstrate their technical skills in circumventing security mechanisms and taking control of the drone.

Participants invited include University students with technical background, junior ethical hackers, etc.

Technical knowledge is required.

1. Hack through the Company
2. Control the Drone
3. Land the Drone
4. Shut down the Factory