Cyber Security Congress 2017


A rich agenda covering both technical and management matters with targeted presentations and hands-on workshops.

A focused KPMG event to address the current and emerging Cyber Security challenges.

October 26th 2017 (Day 1)
  9:00 am to 12:00 pm
  Workshops (By Invitation) 1:30 pm to 4:00 pm
  Hilton Hotel, Nicosia

October 27th 2017 (Day 2)
  Capture the Drone (CTF Game)
  KPMG, Nicosia

Day 1 Conference

Morning Session

8.30 - 9.00    Registration & Coffee
9.00 - 9.15    Welcoming Address
               George Tziortzis, Head of Management Consulting, KPMG Cyprus
9.20 - 10.30   Cyber Response Live Case & Interactive Decision Making
               Ronald Heil, Director / Lars Jacobs, Manager, Cyber Security / Forensic Technology, KPMG Netherlands
10.35 - 11.15  Digitalizing Cloud Risk Management
               Olga Kulikova, Manager, Cyber Security, KPMG Netherlands
11.20 - 11.45  The Evolving Cyber Needs & KPMG's Approach
               Christos Yiacoumis, Manager, Cyber Security, KPMG Cyprus
11.45 - 12.00  Discussion

Break

12.00 - 1.00   Lunch & KPMG Marketplace
               Information and Demonstrations of KPMG Services and Solutions

Afternoon Session Workshops (By Invitation)

1.30 - 4.00    Infrastructure Control System / Red Teaming Cyber Game
               Technical Hands-on War Game / Workshop
1.30 - 4.00    Management Response & Handling Cyber Crisis Game
               Cyber Security Management Level Hands-on War Game / Workshop

Day 2 Capture the Drone Game

9.30 - 10.00   Registration & Coffee
10.00 - 3.00   Capture the Drone Game
               A drone-inspired Capture-the-Flag game. Participation aimed at university and junior hackers.

RSVP & Information
+357 22209292
inna.yakimova@kpmg.com.cy
christos.yiacoumis@kpmg.com.cy

2017 KPMG Limited, a Cyprus Limited Liability Company and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative ('KPMG Advisory Services

Sessions Overview: Day 1 - Morning Session

Cyber Response Live Case & Interactive Decision Making

Modern times require organizations to deal with cyber incidents. During this presentation we will follow the story of the response to a cyber incident and what you can do to test your own cyber response capability with red teaming. Cyber response is about asking questions and making decisions about your investigation scope based on your understanding of the incident. As cyber incidents become more complex, they not only disrupt IT service delivery but also result in potential direct business impact. You will be challenged to make decisions during this presentation that will influence the outcome of the story. At the end of the presentation we will reflect on the outcome of our group decisions, giving you insight into the impact of the decisions made.

Digitalizing Cloud Risk Management

The evolving landscape of cloud services is a promising opportunity for organizations that seek to digitize their processes. However, since anyone with a credit card can purchase online services with a single click without following the approved IT processes, the amount of Shadow IT used by businesses is growing rapidly. Whether or not organizations are aware of their Shadow IT exposure, the approaches they usually take to regain control over Shadow IT are either simply forbidding such services or performing ad hoc manual risk assessments. Neither of those methods provides a sustainable risk management solution. KPMG proposes a Digital Risk Platform that automates cloud adoption processes, to help companies stay in control of the quickly changing IT landscape and get maximum transparency with minimal manual effort. During this session you will see a live demo of the Digital Risk Platform that has been in use by KPMG clients to automate their Shadow IT risk management process.

The Evolving Cyber Needs & KPMG's Approach

Cyber security is a path to growth and competitive advantage for a 21st Century Enterprise. Our current focus as a firm is on enabling a 21st Century Enterprise, where our clients seize opportunities stemming from Customer Engagement, the Changing Nature & Value of Assets, the Everything as a Service Business Model and the Workforce of the Future practices. KPMG Cyber sees the world from the client's perspective, bringing a business context to cyber security for all levels of the organization, from the boardroom to the back office. Our global approach includes end-to-end services, Cyber technology solutions, innovation management and knowledge management.

Sessions Overview: Day 1 - Afternoon Session Workshops *

Introduction

Economies and societies around the globe depend on the uninterrupted functioning of critical infrastructures, critical systems and their services. Industrial Control Systems (ICS) and other Business and Social Critical Systems (BSCS) are crucial for key processes in most organizations. Nowadays, ICS and BSCS no longer exist only in closed and benign environments. The business requirements of the 21st century often make it a necessity to integrate with external systems and networks to harness interoperability, data, machine-to-machine (M2M) communication and automation technologies more efficiently. The mix of these elements creates the so-called Industrial Internet of Things (IIoT), promoting more agile ways of delivering services.

KPMG has over the years developed a realistic cyber defense simulation and training environment that is used with both executive management and operational staff to experience a simulated incident and learn how to respond to cyber threats, use cyber intelligence and handle indicators of compromise. The environment has been developed further with the inclusion of industrial control system (ICS) simulations, with a total of 15 environments representing business environments.

Workshop 1 - Infrastructure Control System / Red Teaming Cyber Game
A Technical Hands-on War Game / Workshop

The workshop will be a hands-on interactive exercise where a red teaming approach will be taken and the participants will be required to act on strategic, tactical and operational insights and, based on guidance, to address and defend against a cyber attack.

Participants invited include Information Security Engineers, Information Security Specialists, Technology Forensic Specialists, Information Technology Specialists, Information System Engineers, Incident Response Specialists, etc. Technical knowledge is required.

Workshop 2 - Management Response & Handling Cyber Crisis Game
Cyber Security Management Level Hands-on War Game / Workshop

The workshop will be a hands-on interactive exercise where management staff collaborate and exchange information to decide on and implement the required and proper response handling, to ensure business continuity of the company. They will be required to respond to actual incidents that will be simulated by KPMG. The simulation is designed in an engaging way by including the use of tablets, multimedia and facilitators. During the crisis the participants are under high time pressure and challenged to make decisions in minutes, requiring them to communicate well and act on incomplete information.

Participants invited include Executive Management, Information Security Officers, Risk Managers / Officers, Incident Response Specialists, Information Technology Managers, etc. Technical knowledge is NOT required.

* Due to the limited seat availability, participation in the above workshops is by invitation only. The invitation can be extended to suitable individuals within the organization. Individuals who will participate must register at least five days before the event, stating their name, position within the organization and their contact information. Final allocation of participation seats will be subject to availability.

Cyber Game Simulation Participant Journey

Real Life Scenario Simulation

Leveraging a realistic cyber defense simulation and training environment that is used with both executive management as well as operational staff to experience a simulated incident and learn how to respond to cyber threats, cyber intelligence and handle indicators of compromise.

Start

1 Launch
The KPMG red team launches the attack.
Participants either participate with the KPMG team or monitor their system environment in a business as usual mode.
(W2) participants are in a business as usual mode.

2 Identify
The KPMG red team continues the attack.
Participants identify the attack on their system environment and switch to a response mode.
(W2) participants are informed and invoke the incident response plan.

3 Defend
The KPMG team continues the attack.
Technical Workshop (W1) participants initiate defense mechanisms and processes and escalate any matters that require immediate decision making. Leverage existing technology solutions and tools and own skills to defend the environment.
(W2) participants are informed of the ongoing activities, are presented with time sensitive matters to address and implement decision making process.

4 Manage
The KPMG team escalates and varies the attack against the specific simulated target.
Participants leverage varied defense mechanisms and processes and formulate defense and incident response strategy based on management feedback and instructions.
(W2) participants communicate between themselves and based on available information presented to them make decisions that define the incident response strategy and operational activities.

5 Resolve
The KPMG team fades out the attack (depending on the success of the response).
Participants focus on sanitizing and stabilizing the environment.
(W2) participants monitor the outcome of the implementation of their instructions and evaluate.

Finish
Lessons Learned and Knowledge Sharing
Guided analysis and evaluation by reflecting on the outcome of the group decisions, providing insights in the impact of the decisions made and response actions implemented.

Sessions Overview: Day 2

Capture the Drone Game
A drone-inspired Capture-the-Flag (CTF) Game

Become part of the hacking group #AntiBridge, dedicated to stealing Drone International's newest drone that is currently flying test runs above Cambridge. In this drone-inspired CTF, it is your job to hack your way through Drone International's company network and reach the Drone Controller, from where you can let the drone land safely on a nearby field where your accomplices are waiting to steal it. But beware, Drone International has sophisticated tracking equipment powered by their own generation plant. If you want to make it out alive, you will need to shut down their factory as well.

The workshop will be a hands-on technical exercise where participants will be required to demonstrate their technical skills in circumventing security mechanisms and taking control of the drone.

Participants invited include University students with technical background, junior ethical hackers, etc. Technical knowledge is required.

1. Hack through the Company
2. Control the Drone
3. Land the Drone
4. Shut down the Factory