Athens, 2 & 4 November 2013


Athens, ISACA Athens Chapter with the support of Hellenic American Union is organizing the on November 2 & 4, 2013. The theme of the conference is: Emerging from Crisis - The risks, the opportunities and the real value of IT. Attendees will earn up to a total of 17 CPEs (workshop 8, conference 9 CPEs) and 10 PDUs (workshop 2, conference 8).

ISACA Keynote Speakers:

Emerging IT Trends and their Implications to the Audit Profession
Gregory T. Grocholski, CISA
Global Business Finance Director Ventures, Business Development and Joint Venture at Dow Chemical
ISACA International President 2012-2013

ENISA and ISACA Workshop Addresses Cybersecurity Challenges for Telecom Operators and Regulators
Christos Dimitriadis, CISA, CISM, CRISC
Group Head of Information Security, Compliance and Innovation at INTRALOT
Director of ISACA International BoD
Awarded in 2013 with the John W. Lainhart IV Common Body of Knowledge Award by ISACA International
Past ISACA positions: International Vice President; Chair of COBIT Security Task Force and of External Relations Committee; Member of the Relations Board, Academic Relations Committee, ISACA Journal Editorial Committee and Business Model for Information Security Work Group

IT Governance and Emerging Trends
Georges Ataya, CISA, CGEIT, CRISC, CISM, CISSP
Managing Partner at ICT Control
Professor at Solvay Brussels School
Past ISACA positions: International Vice President; Chair, External Relations Committee; President, Benelux Chapter

Geo-location: Risks, Strategies and Audit Aspects
Urs Fischer, CISA, CRISC, CIA, CPA
Owner & CEO Fischer IT GRC Consulting & Training, Member of ISACA/ITGI's Nomination Committee
Awarded in 2010 with the John W. Lainhart IV Common Body of Knowledge Award by ISACA International
Past ISACA positions: Chair of ISACA's & IT Governance Institute's Risk IT Task Force; Chair Audit Committee; Member of the COBIT Steering Committee and of the Credentialing Board; Chair ISACA's CRISC Committee

INVITED Expert Speakers:
Dr. Evangelos Ouzounis, Head of Unit Secure Infrastructure and Services, ENISA
Dr. Vasilis Katos, CHFI, Democritus University of Thrace, ISACA Academic Advocate

INTERNATIONAL Speakers:
Charlie McMurdie, Senior Cyber Crime Advisor, PwC, Former Head of Law Enforcement National Cyber capability, Police Central e-Crime Unit, Metropolitan Police UK (1981-2013)
Nikolaos Virvilis, CISA, CISSP, GPEN, Information Assurance Scientist, NATO Communications & Information Agency

Speakers:
Iraklis Kanavaris, CISA, ISO 27001 LA, Supervising Senior Advisor, IT Risk and Management Consulting, KPMG Advisors AE
Giorgos Gerogiannis, Datacenter & Cloud Solutions Manager, Unisystems
Dr. Vasilis Vlachos, Lecturer at Technological Education Institute of Larissa, ISACA Academic Advocate
Dr. Emmanouil Serrelis, CISM, PhD (InfoSec), Information Security Expert

Conference Chairman:
Dr. Dimitris Gritzalis, Professor of ICT Security, Director of the M.Sc. Programme, Director of the Information Security and Critical Infrastructure Protection Laboratory, Dept. of Informatics, Athens University of Economics and Business

Stay in touch at www.hau.gr/management and www.isaca.gr for updates on the conference program.

Official language: English (translation from Greek to English available only).

Venue:
2 Nov 2013, Workshop: Athens, Hellenic American Union Conference Center, Hours: 09:00-18:00
4 Nov 2013, Conference: Athens, Hotel Athenaeum Intercontinental, Hours: 09:00-18:15

Registration Fees
Category | Workshop & Conference (2 & 4 November), Early Bird | Workshop & Conference (2 & 4 November), Regular Fee | Conference (4 November)
ISACA members | 150 | 170 | 50
Non-ISACA members | 220 | 250 | 80
More than 2 registrations from same company | 190 | 210 | 70
Collaborative institutions | 190 | 210 | 70
Students (undergrads only) | 120 | 130 | 30

Only Conference fees are subject to 23% VAT. Workshop fee is covered by LAEK / OAED 0,45 (for Greek companies only). Registration to the workshop grants free entrance to the Conference on November 4th.

You may register at the Hellenic American Union. For further information, please contact:
Eleni Tsirigoti, PMP
ISACA Athens Chapter
Vocational Training Section, Hellenic American Union
www.isaca.gr, conference@isaca.gr
Tel: 210 3680907, email: etsirigoti@hau.gr

2013 ISACA Athens Chapter Conference, 4 November: Agenda

08:00 Registration

08:45 Opening Remarks
  Dr. Dimitrios Gritzalis, Conference Chairman, Professor of ICT Security, Athens University of Economics & Business
  Mr. Ioannis Lefkakis, CISA, CRISC, CFE, ISACA Athens Chapter President
  Dr. Christos Dimitriadis, CISA, CISM, CRISC, ISACA International Director, Group Head of Information Security, Compliance & Innovation, Intralot Group

09:00-09:40 1 ISACA KEYNOTE Presentation: Emerging IT Trends and their Implications to the Audit Profession
  Mr. Gregory Grocholski, CISA, Global Business Finance Director for The Dow Chemical Company, ISACA International President 2012-2013

09:40-10:30 ENISA and ISACA Workshop Addresses Cybersecurity Challenges for Telecom Operators and Regulators
  Dr. Christos Dimitriadis, CISA, CISM, CRISC, ISACA International Director, Group Head of Information Security, Compliance & Innovation, Intralot Group
  Dr. Evangelos Ouzounis, Head of Unit Secure Infrastructure and Services, ENISA

10:30-10:50 International Presentation: TBA
  Mrs. Charlie McMurdie, Senior Cyber Crime Advisor at PwC, Former Head of Law Enforcement National Cyber capability, Police Central e-Crime Unit, Metropolitan Police UK

10:50-11:15 Coffee Break

11:15-11:30 About ISACA International. Answer & Win!

11:30-12:10 2 ISACA KEYNOTE Presentation: IT Governance and Emerging Trends
  Mr. Georges Ataya, CISA, CGEIT, CRISC, CISM, CISSP, Past ISACA International VP, Managing Partner at ICT Control, Professor at Solvay Brussels School

12:10-12:40 3 INVITED EXPERT Presentation: VoIP Forensics
  Dr. Vasilis Katos, CHFI, Associate Professor at Democritus University of Thrace, ISACA Academic Advocate

12:40-13:00 Presentation: Using Data Analytics and Continuous Auditing for Effective Risk Management
  Mr. Iraklis Kanavaris, CISA, ISO 27001 LA, Supervising Senior Advisor, KPMG Advisors AE

13:00-14:00 Lunch Break

14:00-14:40 4 ISACA KEYNOTE Presentation: Geo-Location: Risks, Strategies and Audit Aspects
  Mr. Urs Fischer, CISA, CRISC, CIA, CPA, Member of ISACA/ITGI's Nomination Committee, Owner & CEO Fischer IT GRC Consulting & Training

14:40-15:10 Round Table Discussion: Cloud Computing, "Sharing the Governance Burden: Getting Compliant in the Cloud"
  With the participation of Unisystems

15:10-15:40 5 INVITED EXPERT Presentation: Advanced Persistent Threat vs Defenders: Why we keep losing this game
  Mr. Nikolaos Virvilis, CISA, CISSP, GPEN, Information Assurance Scientist, NATO Communications & Information Agency

15:40-16:00 Presentation: Protecting from NextGen Hacking Targets: From Information-Driven Security to the Assurance of Everyday Life
  Dr. Emmanouil Serrelis, CISM, Information Security Expert

16:00-16:25 Coffee Break

16:25-16:40 About ISACA Athens Chapter. Answer & Win!

16:40-17:00 Presentation: TBA
  Sponsor Slot TBA

17:00-17:20 Presentation: The OWASP Hackademic Challenges Project
  Dr. Vasileios Vlachos, Lecturer at Technological Educational Institute of Thessaly, ISACA Academic Advocate

17:20-18:00 ISACA Round Table Discussion: Emerging Trends - Have they emerged or the wave has yet to come?
  Mr. Gregory Grocholski, Dr. Christos Dimitriadis, Mr. Georges Ataya, Mr. Urs Fischer

18:15 End of Conference

Check at www.isaca.gr or www.hau.gr/management for more updates

Find out more about our speakers and the program

KEYNOTE PRESENTATIONS

Emerging IT Trends and their Implications to the Audit Profession
with Gregory Grocholski, CISA, Global Business Finance Director for The Dow Chemical, ISACA International President 2012-2013

Abstract: No one doubts or questions the impact of technology in social and business environments. The challenge for organizations will be to understand the risks, balance cost versus controls, and ensure critical assets are secured in a manner yet to allow for the optimal use of those assets. The audit profession needs skilled IT auditors to adequately address emerging IT trends, risks and the pace by which all of this is occurring.

BIO: Gregory T. Grocholski, CISA, is a global business finance director for The Dow Chemical Company, at the global headquarters in Midland, Michigan, USA. Grocholski has 30 years of experience with Dow serving in various capacities and managerial positions, including accounting, information systems, auditing, and controllers. Recently, he served as the company's chief audit executive leading the Corporate Investigations Services group and was accountable for Dow worldwide audit activities in the Finance, IT, and operations areas.

ENISA and ISACA Workshop Addresses Cybersecurity Challenges for Telecom Operators and Regulators
with Dr. Christos Dimitriadis, CISA, CISM, CRISC, Group Head of Information Security, Compliance and Innovation for Intralot Group, Director at ISACA International BoD
and with Dr. Evangelos Ouzounis, Head of Unit Secure Infrastructure and Services, ENISA

Abstract: TBA

BIO: Christos K. Dimitriadis, CISA, CISM, CRISC, is an International Vice President of ISACA. He also is the Group Head of Information Security, Compliance and Innovation for Intralot Group, a multinational supplier of integrated gaming and transaction processing systems based in Greece, managing information security in more than 50 countries in all continents. Mr. Dimitriadis has served ISACA as chairman of the External Relations Committee and member of the Relations Board, Academic Relations Committee, ISACA Journal Editorial Committee and Business Model for Information Security Workgroup. Mr. Dimitriadis has been working in the area of information security for 11 years and has authored 70 publications in the field. He has been providing information security services to the ITU, European Commission Directorate General, European Ministries and international organizations, as well as business consulting services to entrepreneurial companies. Mr. Dimitriadis received a diploma of electrical and computer engineering from the University of Patras, Greece, and a Ph.D in information security from the University of Piraeus, Greece. Christos was awarded in 2013 with the John W. Lainhart IV Common Body of Knowledge Award by ISACA International.

BIO: Dr. Evangelos Ouzounis is the head of ENISA's Resilience and Critical Information Infrastructure Protection (CIIP) Unit. His unit implements the EU Commission's CIIP action plan, organises the CIIP exercises (e.g. Cyber Europe 2012/10, Cyber Atlantic 2011), facilitates Member States' efforts towards a harmonised implementation of the incident reporting scheme (article 13a of the new Telecom Package), and develops good practices for national cyber security strategies and national contingency plans. ENISA's Resilience and CIIP Unit also runs numerous other studies on cyber security aspects of critical sectors and services like Industrial Control Systems SCADA, Smart Grids, Cloud Computing, Botnets and Interconnected Networks. The Unit also issues strategic recommendations and develops good practices for relevant stakeholders. Prior to his position at ENISA, Dr. Ouzounis worked several years at the European Commission, DG Information Society and Media (DG INFSO). He contributed significantly to the EU Commission's R&D strategy and policies on securing Europe's infrastructures and services. Dr. Ouzounis was co-founder of the Electronic Commerce Centre of Competence (ECCO) at Fraunhofer Institute for Open Communication Systems (FhG FOKUS, Berlin, Germany). He led and managed more than 20 pan-European and international R&D projects. Dr. Ouzounis holds a Ph.D from the Technical University of Berlin and a master in computer engineering and informatics from the Technical University of Patras, Greece. He was a lecturer at the Technical University of Berlin, wrote 2 books and more than 20 peer-reviewed academic papers and chaired several international conferences.

IT Governance and Emerging Trends
with Georges Ataya, CISA, CGEIT, CRISC, CISM, CISSP, Managing Partner at ICT Control, Professor at Solvay Business School, Past ISACA International VP

Abstract: TBA

BIO: Professor Georges is the Academic Director of IT Management Education at Solvay Brussels School of Economics and Management (Executive Education). He is also a Professor at the Master in Management delivering Enterprise Consulting workshop since 2006 and in charge of IT Governance from 2011 (Master Graduate study). solvay.edu/it. As a Managing Partner with ICT Control (a Brussels-based firm) he is involved with consulting and management advisory in the domains of IT Governance, Information Security Management, Enterprise architecture and sourcing management. Ictc.eu

Geo-Location: Risks, Strategies and Audit Aspects
with Urs Fischer, CISA, CRISC, CIA, CPA, Owner & CEO Fischer IT GRC Consulting & Training, Member of ISACA/ITGI's Nomination Committee

Abstract: Geo-location data, revealing an individual's physical location, are obtained using tracking technologies such as global positioning system (GPS) devices, Internet Protocol (IP) geo-location using databases that map IP addresses to geographic locations, and financial transaction information. Uses of the information are myriad, including direct marketing and context-sensitive content delivery, monitoring of criminals, enforcing location-based access restrictions on services, cloud balancing, and fraud detection and prevention. Geo-location technologies and their application, while offering social and economic benefit to a mobile society, raise significant privacy and risk concerns for individuals, businesses and governments. In this presentation you will learn about the risks involved, the strategies to respond to these risks and the audit aspects to cover.

BIO: Since October 2010, Urs Fischer has been working as an independent IT GRC consultant and trainer. He was vice president and head of IT governance, risk management and IT Security within the Swiss Life Group from December 2003 through September 2010. Prior to that he worked for 4 years as head of IT audit for the Swiss Life Audit Department based in Zurich, Switzerland. Since 1989, Fischer has worked in the IT Governance, audit and security areas and has gained extensive IT governance, risk management and information systems security work experience, especially in the finance and insurance area. In 2010, as recognition of his major contributions to the development and enhancement of the common body of knowledge used by the constituencies of ISACA in the field of IS audit, security and/or control and risk management, IS risk management certification, Fischer received the "John Lainhart IV Common Body of Knowledge Award".

VoIP Forensics
with Dr. Vasilis Katos, CHFI, Associate Professor and Director of the Information Security and Incident Response Research Unit, Department of Electrical and Computer Engineering, Democritus University of Thrace, ISACA Academic Advocate

Abstract: VoIP services are becoming very popular and are adopted by many organisations and individuals. In this presentation, we will examine common security threats against VoIP infrastructures and the relevant forensic artefacts that can be obtained during an investigation in order to identify the threat sources. We will show how analysis can be performed over a popular Voice over IP (VoIP) protocol and propose a framework for capturing and analyzing volatile VoIP data in order to determine forensic readiness requirements for effectively identifying an attacker. We will establish that if forensic readiness processes and controls are in place, a wealth of evidence can be obtained, such as the private IP addresses of the attacker even during the presence of NAT services, as well as the type of end user equipment of the legitimate users and the attack tools employed by the malicious parties.

BIO: Dr. Vasilis Katos, CHFI, is Associate Professor and Director of the Information Security and Incident Response Research Unit at the Department of Electrical and Computer Engineering at the Democritus University of Thrace. Prior to this post, he was Principal Lecturer at the University of Portsmouth and tutor for the MSc in Forensic IT programme. Dr. Katos has worked as an expert witness in the UK and as a security architect for Cambridge Technology Partners (Novell, Inc.) for a period of two years. His research interests are in the area of digital forensics and incident response.

INTERNATIONAL SPEAKERS SLOTS

Presentation: TBA
with Mrs. Charlie McMurdie, Senior Cyber Crime Advisor, PwC, Former Head of Law Enforcement National Cyber capability, Police Central e-Crime Unit, Metropolitan Police UK (1981-2013)

Abstract: TBA

BIO: Charlie is an acknowledged cybercrime and security expert who has a proven and highly acclaimed reputation for generating strategic direction and delivery of operational capability to confront the impact of cybercrime whilst proactively utilising and responding to emerging technologies which fuel it. Completing almost 32 years' service in the Metropolitan Police, retiring at the rank of Detective Superintendent, Charlie is an individual who has breadth of vision, innovation and credibility as demonstrated in establishing and building the Police Central e-crime Unit, that is now a world class cybercrime capability and the national cybercrime investigative and enforcement body in the United Kingdom. In addition Charlie is an internationally acclaimed authority and advisor on issues within government and industry in relation to the Internet, communication technology, computing and security sectors and an effective ambassador and negotiator with refined interpersonal and influencing skills who leads for UK policing on a range of strategic programmes and sensitive partnerships with the private sector, and who maintains a unique personal network spanning academia, industry, government, law enforcement, intelligence and security agencies internationally.

Advanced Persistent Threat vs Defenders: Why we keep losing this game
with Nikolaos Virvilis, CISA, CISSP, GPEN, Information Assurance Scientist, NATO Communications & Information Agency

Abstract: As both the number and the complexity of cyber attacks continuously increase, it is becoming evident that current security mechanisms have limited success in detecting sophisticated threats. Stuxnet, Duqu, Flame, Red October and more recently Miniduke, have troubled the security community due to their severe complexity and their ability to evade detection in some cases for several years, while exfiltrating gigabytes of data or sabotaging critical infrastructures. The significant technical and financial resources needed for orchestrating such complex attacks are a clear indication that perpetrators are well organized and, likely, working under a state umbrella. In order to address such complex threats, we have to redesign our defenses from the ground, focusing on defense in depth and big data analytics.

BIO: Nikos Virvilis MSc, CISSP, CISA, GPEN, holds the position of Information Assurance Scientist at the Cyber Defense and Assured Information Sharing Division of NATO Communications and Information Agency in the Netherlands. In the past, he has worked as an Information Assurance Consultant/Security Expert for Encode S.A. and the Hellenic Army. He got his Bachelor's degree from the Athens University of Economics and Business and his Master's from Royal Holloway University of London. He is a PhD researcher at the Athens University of Economics and Business focusing on Advanced Persistent Threat Detection and Mitigation, under the supervision of Prof. Dimitris Gritzalis.

SPEAKING SLOTS

Using Data Analytics and Continuous Auditing for Effective Risk Management
with Iraklis Kanavaris, CISA, ISO 27001 LA, Supervising Senior Advisor, IT Risk and Management Consulting, KPMG Advisors SA

Abstract: Organizations are increasingly exposed to a variety of new risks such as growing compliance regulations, fraud schemes, operational inefficiencies and errors that can lead to financial loss or other operational risk, as well as reputational damage. As a result, organizational efforts to adopt innovative ways to assess and manage risk and enhance performance are critical. Data analytics and continuous auditing/monitoring have long been viewed as initiatives that can streamline business processes and mitigate business risks, by providing operational efficiencies, reducing costs and detecting potential fraud, errors and abuse earlier, all while providing a higher quality audit. It is also increasingly becoming a way for organizations to create value.

BIO: Iraklis Kanavaris has more than ten years of professional experience in Information & Communications Technology (ICT) and IT Risk Management. His primary professional focus is on the areas of IT GRC, IT Audit and Information Security.

During his professional career, he has assisted many organizations, from various industry sectors, in the alignment of IT strategic objectives with key business objectives, the implementation of cutting edge IT solutions, as well as with the effective management of IT-related business process and security risks in compliance with regulatory frameworks (e.g. SOX 404). He also has extensive experience in the areas of IT risk assessment, IT attestation (SOC1/SOC2 and ISAE 3402), IT due diligence and in the development of business continuity & disaster recovery plans. Mr Kanavaris holds a BSc in Computing and Management (University of Essex, UK), and an MSc in Information Technology for E-Commerce (University of Sussex, UK).

The OWASP Hackademic Challenges Project
with Dr. Vasileios Vlachos, Lecturer at Technological Education Institute of Thessaly, ISACA Academic Advocate

Abstract: The OWASP Hackademic Challenges Project is an open source project that helps students test their knowledge on web application security. The Hackademic Challenges implement realistic scenarios with known vulnerabilities in a safe, controllable environment. Users can attempt to discover and exploit these vulnerabilities in order to learn important concepts of information security through the attacker's perspective.

BIO: Dr. Vasileios Vlachos is a lecturer at the Department of Computer Science and Engineering of the Technological Educational Institute (TEI) of Thessaly. He is a senior R&D engineer at the Research Academic Computer Technology Institute (R.A.C.T.I.) of Patras, Greece. He was a member of the Digital Awareness and Response to Threats (DART) team of the Special Secretariat for Digital Planning of the Hellenic Ministry of Economy and Finance. Dr. Vlachos holds a Diploma of Engineering in Electronic & Computer Engineering from Technical University of Crete, an MSc in Integrated Hardware and Software Systems from the Department of Computer Engineering and Informatics of the University of Patras and a PhD in Information Systems Security from the Department of Management Science and Technology of the Athens University of Economics and Business. Dr. Vlachos has taught at the University of Thessaly, the University of Central Greece and the University of Piraeus. He is co-founder and coordinator of the DART NGO (Non-Governmental Organization).

Protecting from NextGen Hacking Targets: From Information-Driven Security to the Assurance of Everyday Life
with Dr. Emmanouil Serrelis, CISM, PhD (InfoSec), Information Security Expert

Abstract: Are your TV, washing machine and car protected from hacking attempts? Are you? Security threats are not just for financial institutions and information-driven environments any more. Hackers aim for everyday people, targeting commercial and consumer appliances. This session presents some of the most noteworthy next generation hacking targets, discussing what other industries should learn from information security aware organizations as well as how they will build up a realistic risk reduction action plan.

BIO: Emmanouil Serrelis (BEng, MSc, MBA, PhD, CISM) is an Information Security expert lecturer with over 17 years' experience in the areas of Information Technology, Telecommunications, Business Administration and Security Management. He has been an Information Systems Security Officer in a large financial institution and coordinator of numerous InfoSec projects (Private, Public, European, Applied and Research), member of Technical Committees and speaker at multiple scientific and technical conferences. He has been the author of various publications and his main research interests are Information Security Metrics, Management of Critical Information Systems and Secure P2P Electronic Financial Services.

Conference Chairman
Dr. Dimitrios Gritzalis, Professor of ICT Security, Director of the M.Sc. Programme, Director of the Information Security and Critical Infrastructure Protection Laboratory, Dept. of Informatics, Athens University of Economics and Business

BIO: Dr. Dimitris Gritzalis is a Professor of ICT Security, the Director of the M.Sc. Programme, and the Director of the Information Security and Critical Infrastructure Protection Laboratory, with the Dept. of Informatics of the Athens University of Economics and Business. He holds a B.Sc. (Mathematics, Univ. of Patras), an M.Sc. (Computer Science, City University of New York), and a Ph.D. (Critical Information Systems Security, Univ. of the Aegean). Prof. Gritzalis has served as Associate Commissioner of the Greek Data Protection Commission and as the President of the Greek Computer Society. For more than 25 years he has participated in more than 100 research and consulting projects. His technical publications include 10 books and more than 150 papers. His current research interests focus on privacy in the social media, digital forensics, and critical information infrastructure protection.

Check at www.isaca.gr or www.hau.gr/management for more updates

Pre-Conference Workshop
Athens, 2 November 2013, 09:00-17:00

Overview

This year the pre-conference workshop consists of two specific sessions, each lasting approximately 3½ hours.

The first session focuses on management of IT-related business risk as an essential component of IT governance and is based on the recently launched COBIT5 framework. The facilitator is Mr. Urs Fischer, who has served ISACA in various positions to date, among them Chair of ISACA's & IT Governance Institute's Risk IT Task Force, Member of the COBIT Steering Committee and of the Credentialing Board, and Chair of ISACA's CRISC Committee.

The second session is a hands-on experience of the processes, methodologies and tools used during an incident response and when conducting a forensic investigation. The facilitator is Dr. Vasilis Katos, Associate Professor and Director of the Information Security and Incident Response Research Unit at the Department of Electrical and Computer Engineering at the Democritus University of Thrace, who has long served as an ISACA Academic Advocate.

1st Session WS1
IT Risk Management based on COBIT5 (for Risk)
Facilitator: Urs Fischer, CISA, CRISC
Owner, Fischer IT GRC Training & Consulting

Abstract: Effective management of IT-related business risk has become an essential component of IT governance. To recognize the complex and diverse role that risk plays, it is essential to develop a clear understanding of the risk universe, appetite and culture within your enterprise. It is also important to be able to identify and classify different types of risk, and choose an applicable analysis method for your enterprise. Leading the drive to help organizations mitigate risks, ISACA has developed several pieces of guidance (especially COBIT 5 for Risk) to help an organization manage its IT-related risk. This half-day, instructor-led workshop will provide the essential building blocks to develop a risk management plan. It describes the principles of IT risk management, the responsibilities and accountability for IT risk, how to build up awareness, and how to communicate risk scenarios.

After completing this session, you will be able to:
Describe the principles and methodology of IT risk management
Discuss aspects of risk culture and how they affect risk management
Understand risk appetite, risk tolerance and target risk concepts
Describe and understand IT-related risk using risk scenario analysis, and know how risk scenarios can be constructed
Determine what data to collect and where to collect it to monitor and respond to risk
Discuss several methods to describe impact and magnitude of IT events in business-related terms
Describe risk responses suitable for different risk scenarios
Develop risk response plans

2nd Session WS2
Digital Forensics and Incident Response
Facilitator: Dr. Vasilis Katos, CHFI
Associate Professor and Director of the Information Security and Incident Response Research Unit at the Department of Electrical and Computer Engineering at the Democritus University of Thrace.
Democritus University of Thrace, ISACA Academic Advocate

Abstract: When most modern information systems eventually fail, it is not a matter of "pulling the plug" or rebooting the system; recovery may involve litigation, which in turn requires the collection, preservation and analysis of digital evidence in order to allow the identification of the cause of the failure. Digital forensics and incident response is about handling information security failures and cybercrime-related incidents in general, in such a way that the collected evidence is admissible, that is, accepted as evidence in a court of law. The workshop is about the processes, methodologies and tools used during an incident response and when conducting a forensic investigation.

After completing this session, you will be able to:
Appreciate the challenges first responders and forensic analysts may face during a security incident
Understand the different phases of a forensic investigation
Acknowledge the wealth and variety of the many forms of cybercrime
Obtain knowledge of a selection of tools used in incident response and forensic analysis
Understand the need for forensic readiness in an organization

Information

This workshop grants 8 CPEs and 2 PDUs. This is a highly interactive training workshop, therefore participation is limited. Participants will be accepted on a first-come, first-served basis. To secure your place, please register on time.

Official language: English