Track: Cyber Security

Nowadays, there is no sector of the economy that is not deeply involved in digital transformation projects. In the particular case of the industry, there is a common pattern in these projects: the need to connect and, consequently, expose business assets that have traditionally been isolated and that perform critical functions (e.g. automation cells, electrical substations, pumping stations, robots... ), which makes cybersecurity more relevant. In this keynote, we will share our experiences helping our clients navigate the digitization process while successfully managing cybersecurity risks.

Nowadays, there is no sector of the economy that is not deeply involved in digital transformation projects. In the particular case of the industry, there is a common pattern in these projects: the need to connect and, consequently, expose business assets that have traditionally been isolated and that perform critical functions (e.g. automation cells, electrical substations, pumping stations, robots... ), which makes cybersecurity more relevant. In this keynote, we will share our experiences helping our clients navigate the digitization process while successfully managing cybersecurity risks.

Join us for a deep-dive of what’s happening on the Internet here and now, with a focus on the latest Distributed-Denial-of-Service, or DDoS, attack threat landscape — and how they target critical infrastructure. We will cover DDoS attack trends we see from the unique vantage point of the Cloudflare global network, review Ransom DDoS attacks that targeted an energy provider, and review their lessons learned to guide you on the steps you can take to defend your critical infrastructure assets.

The medicine which is provided to the patient is linked to a huge amount of data, so the data linked to the patient’s health is much more than the personal patient’s data

Cybersecurity is often perceived as expensive, but this perception can change if we analyze the benefits of a SIEM implementation. During the session we will discuss: • The reasons to measure cost savings for a SIEM deployment. • Ways to quantify the benefits of a SIEM solution. • Three perspectives of cost savings: compliance reporting, operational efficiency, and breach impact mitigation. • How to calculate cost savings for a SIEM deployment using an example.

The impact and the toll that Covid'19 had on our lives is undeniable. Ranging from vaccine-related cyberespionage operations, designed to steal formulas and accelerate development, to news-driven and Covid-19 themed spearphishing attacks, 2019 and 2020 have been a rough ride. Yet, the most significant and long lasting impact was probably the paradigm change that came with WFH - “Work from home”. Rushing to adjust their networks and remote work strategies, companies opened new vulnerabilities and threat actors were quick to take advantage. In addition to the nation states, professional ransomware groups, hacking collectives such as Lapsus$ or Guacamaya and hacktivists boosted their arsenals and spiced up their operations turning the internet into a battleground. In this presentation, we will cover: • Threat overview and main trends during the Covid-19 years • The rise of professional ransomware groups and hacking collectives • Cyberwar or not? The armed conflicts, role of IoT hacking, key attacks • O Cybersecurity Congress room

When it comes to improving cybersecurity, IoT has been of particular focus with mandates and regulations popping up at federal, state, and industry levels. If those weren’t challenging enough to navigate, there’s also the inevitable threat of post quantum. When a quantum computer is realized that can break traditional cryptography in use today, organizations need to be ready – and that preparation will take several years. Join this session to hear about some of the challenges that have arisen with IoT regulations, IoT security, and the impact post quantum will have in this place.

We know that modern day software supply chains continue to grow deeper, wider, and more complex. That complexity can make it challenging for customers to even know where to begin analyzing their supply chains for security issues. At Google Cloud, we’re deeply committed to working with our customers to help ensure that they have the support they need to evaluate their security posture, resiliency, and hygiene. We suggest five steps to protect software across processes and systems

European funded projects like “REWIRE Cybersecurity Skills Alliance – A New Vision for Europe” aim at addressing the existing skills gaps in the cybersecurity sector through the development of skills framework, blueprint & through the delivery of training programs. During the session, the current cybersecurity needs of the industry will be analysed, reviewing recent educational and training initiatives, and we will have the opportunity to provide knowledge about the European Cybersecurity Blueprint, a skills framework describing the various job profiles, skills and knowledge relevant for cybersecurity, in an organized manner, and building upon already existing work.

In this round table, organised by Women4Cyber Spain, we will count on the presence of referents from different industries and profiles to benefit from their experiences on the main questions that Board directors and company executives should ask themselves about cybersecurity in their organisations. Security is fundamental to business and therefore, it should be a topic addressed by executives on the Boards of all organisations regardless of size and sector. In this conversation, we will share some thoughts on the day-to-day business security risks and challenges we face to ensure business continuity. Boards and senior management can and should be key participants in defining cyber security strategy and it is critical that they are able to understand and address these challenges. Preparedness is key to managing any cyber security incident the company may experience, and its implications.

In this round table, organised by Women4Cyber Spain, we will count on the presence of referents from different industries and profiles to benefit from their experiences on the main questions that Board directors and company executives should ask themselves about cybersecurity in their organisations. Security is fundamental to business and therefore, it should be a topic addressed by executives on the Boards of all organisations regardless of size and sector. In this conversation, we will share some thoughts on the day-to-day business security risks and challenges we face to ensure business continuity. Boards and senior management can and should be key participants in defining cyber security strategy and it is critical that they are able to understand and address these challenges. Preparedness is key to managing any cyber security incident the company may experience, and its implications.

How to effectively transition from an endpoint centric approach to a data platform?

The main goal of the eFORT project is to improve the reliability, resiliency, and security of Electrical Power and Energy Systems (EPES). In order to achieve this goal, the project brings together 23 partners covering the entire value chain to develop innovative solutions for this purpose and to validate them in relevant environments.

This panel is composed of three high-level speakers, representing different European governments. They are going to discuss on their cybersecurity strategies, and they will share with the audience some of their

Operation is critical part of every Business whereas Industrial Cybersecurity is critical part of every Operation. Mission of Industrial Cybersecurity Practice is to protect the Operation. To deliver it, we must achieve and maintain OT-IoT Visibility that is required to design, tailor and implement Industrial Cybersecurity Solutions for the organizations. The presentation offers a practical approach to providing OT-IoT Visibility empowered by Digital Twins and advanced technologies (ML, AI) that transfer real-time data into cyber-operational intelligence to drive objective business decisions.

It is unthinkable to consider AI without knowing the mandatory nature of a data Protection impact assessment. GDPR obliges all subjects who have treatments with the use of innovative systems such as artificial intelligence, to carry out a impact assessment. It is a procedure aimed at describing treatments included in the AI project and to understand the risks for violations of human rights. The DPIA can be concluded simply with the decision of particular safety measures to be taken or even with the need to make certain corrective measures to the project that make it compliant with the gdpr.

The aim is to explain how the European Commission is fostering European research on cybersecurity to enhance the security of its citizens by means of Horizon Europe funding schemes. Besides a general approach explaining the European view and methodology to face cybercriminality, it will be addressed how we work on it from a R&D on security perspective, as an experienced end-user, with more than 30 EU funded projects since 2005. On the other hand, it will be discussed new methods to prevent, investigate, and mitigate cybercriminal behaviour, with a particular focus on young cybercriminality, directly involving police forces in this task.

Franky Thrasher will provide insights on how Supply chain security has a direct impact on cybersecurity in critical infrastructure by showing several known examples that have been under our nose all these years.

Based on his own experience he will offer insights on how things could and should evolve in the future.

The Next Generation Security Operation Center (SOC) presentation will cover the latest trends and best practices in advanced remote SOC capabilities, with a focus on Threat Intelligence role withing modern Cyber Defense Strategy. As practitioners in Managed Services and CTI we are going to cover an overview of advanced technologies and techniques that can be used to improve the effectiveness of remote SOCs. Nowadays, and due to the increasingly advanced threats, it is necessary to evolve the traditional SOC approach towards a service based on automation and predictive capabilities. The specific use case model for verticals or business continues to be fundamental, but it is increasingly necessary to complement it with Artificial Intelligence and automation capabilities, to identify malicious behavior patterns, advanced network analytics and automation capabilities to respond as soon as possible to certain problems that may arise in the customer infrastructure. Additionally, the presentation will discuss the role of threat intellige Cybersecurity Congress room

Having a successful security posture is more easily said than done. It takes a well-designed strategy for a host of multi-faceted parameters to come together to truly bring security to an organization. Security Culture, being the ideas, customs, and social behaviors of an organization that influence security, is a powerful tool to help nurture and sustain that which keeps your organization safe. In this session, we'll hear from industry expert Jelle Wieringa about how to use security culture to your advantage. Based on statistics from academic research, combined with real-world experience, you'll hear everything you need to know to better understand what it can bring you and your organization. In this session you will learn: •What defines a Security Culture; •How can you measure and better understand your existing security culture; •What are proven and practical ways to grow your security culture?

The importance of the network context, what issues we see and how we can overcome some of those challenges with collaboration and new forms of technology

IIoT is being adopted very rapidly in the industrial environment due to the implementation of Industry 4.0. Like the adoption of Ethernet within industrial facilities, IIoT offers many advantages, but if poorly implemented, it also brings many security issues associated with it. Just as there is a reference model for typical industrial network architectures, there is also a model for IIoT. The IIoT presents new risks to the industrial environment, stemming from its new communication paths and reliance on the Internet for cloud services. New cybersecurity solutions and strategies must be implemented to address these risks.

The talk will cover the adoption of IoT within the smart built environment, the cybersecurity challenges it brings and how we address the knowledge/skills gaps

•     Industry Challenges & Driving Motivation •     How did we overcome? •     Lessons Learned •     Worldwide Examples & Best Practices •     Future of the Industry