INFOSEK 2017
INFOSEK 2007 - Nova Gorica
22. - 23. 11. 2007
Read past conference participants' opinions.

Interesting, current, well-selected topics. Next time, come with me, to avoid feeling sorry when I summarize its contents.

Mladen Terčelj, NLB d.d.

LECTURES 2018

INFOSEK

Protect, detect & respond - 3 key pillars of IT security, Zsolt Pótor, Softline
Successful businesses realize and leverage the power of mobility to support employee productivity and collaboration. Companies need to be prepared to mitigate the risks of giving employees that freedom and space. IT needs to meet compliance and regulatory standards, maintain company security policies and requirements, and detect threats — all the while giving workers a better and more productive experience, so that they’re motivated to follow protocol. The 3 key pillars of IT security ensure management and protection across four key layers: users, devices, apps, and data – for employees, business partners, and customers, while providing them access to everything they need from anywhere and any device.

Red Team, Detect and Respond to Human-conducted Targeted Cyber Attacks, Ian Whiteside and Barbara Puklavec, F-Secure
Advanced targeted attacks have the potential to cause damages averaging $4 million. On the other hand, building your own detection & response capability from the ground up takes a long time and becomes expensive, if hiring and training a sizeable, skilled cyber security staff is even feasible. In addition, too many suspicious events are generated for the IT team to filter out the real, high-priority threats – it is like looking for a needle in a haystack.
We are going to first talk about F-Secure’s red team tricks of the trade and some common “how to get in” hacks. Next, we will cover managed detection and response models that you can easily adapt to help you not only with your post-breach strategy for targeted attacks but also with your compliance needs such as GDPR. Lastly, we will present an exciting case study.

How to protect your keys to the kingdom?, Charlotte Archer, Thycotic Software
Find out how and why privileged accounts are the most vulnerable aspect of any organisation's IT infrastructure, and how to manage them.

Cyber-fraud: how to protect against identity theft? Open Banking, PSD2 and GDPR compliance requirements, Olivier Thirion de Briel, HID Global
As the digital world expands, cyber-fraud, such as digital identity theft, continues to grow in volume and complexity. Regulators are defining new rules to protect end-users and to make sure they keep ownership of their data.
In the banking sector, regulations such as PSD2 are disrupting the ecosystem. New business opportunities and new players appear, bringing new security challenges.
Therefore organizations need to go to the next level in protecting the digital identity of their customers and employees. But the burden of protecting them better should not rest on the user’s shoulders. That is why organizations need to reinforce digital identity security while keeping a user-centric approach.

Learn Defence Like a Hacker, Jaanus Kink, RangeForce
There are many cyber security courses available for pen-testers where the student learns about hacking.
But what about defence?
In today's world every IT expert should know how to be a defender.
How to teach developers and system administrators about defence?
An introduction to a new way of training IT experts in cyber security, using Microsoft as the example.

SQL Server Encryption Everywhere, Tobiasz Janusz Koprowski, Shadowland Consulting
One of the easiest ways to protect our data is by using encryption. A decade ago it was a very expensive process: we needed enterprise licenses everywhere. Now, on the eve of AD 2019, we only need to spend some time implementing it. Transparent Data Encryption, Dynamic Data Masking, Client Encrypted Connection, Always Encrypted and BitLocker - all of those features are available for free. So... Let's Encrypt Everything!

Resilience and crisis management, Roger Gomm, Roger Gomm Ltd. & Metropolitan police
Areas: What is a crisis? Processes that drive crisis management – situation – direction – action; application of Integrated Emergency Management (IEM); example of a cyber threat scenario: ‘prepare, respond, recover’.

NAT64 experiments in Go6lab and the NAT64Check tool, Jan Žorž, Go6 / Internet Society
As many mobile operators are moving to IPv6-only, which is incompatible with IPv4 on the wire, it’s necessary to employ transition mechanisms such as 464XLAT or NAT64. The Go6lab NAT64/DNS64 testbed was therefore established so that operators, service providers, and hardware and software vendors can see how their solutions work in these environments.
This has already generated significant interest, and instructions on how to participate are available on the Go6lab website.
When using NAT64 there are many things that need to be checked to ensure they work correctly. NAT64check has therefore been developed to allow websites to be checked for consistency over IPv4, IPv6-only and NAT64, as well as to compare responsiveness using the different protocols. This allows network and system administrators to easily identify anything that is ‘broken’ and to pinpoint where the problems are occurring, thus allowing any non-IPv6-compatible elements on the website to be fixed. For example, even if a web server is not running IPv6 (why not?), hardcoded IPv4 addresses can cause NAT64 to fail.

Industry 4.0 Under Attack: On the Security of Industrial Robot, Marcello Pogliani, Politecnico di Milano
The fourth industrial revolution calls for interconnected controlled manufacturing systems, from industrial robots, to 3D printers, and more.
Despite the obvious advantages of the Industry 4.0 paradigm, from the ease of maintenance to the increased productivity, the interconnection raises important (cyber)security concerns.
To shed light on this topic, we recently analyzed the security of modern industrial robots: the most representative instance of a complex and automatically controlled industrial device.
In this talk, we cover the main aspects of our research, demonstrating how attackers can compromise industrial robots up to the point where they can alter the manufactured product, physically damage the robot, steal industry secrets, or injure humans. We will explain what makes these devices attractive for attackers, whether they are hard to compromise, and why it is challenging to improve their security.

4th Pillar, Tali Režun, 4th Pillar
4th Pillar is a technology infrastructure on which we are developing several projects – FOURdx, FOURid, and FOURhr. Up to now, nobody has created a DLT-based multiple wallet and document management system that is capable of handling the professional needs of both an organization and the individual. This framework connects companies and employees, schools and students, hospitals and patients, even the state and citizens. There are no limits. We offer the infrastructure with which you will be able to exchange digital assets in a safe and secure way directly, without intermediaries. We offer the ecosystem where individuals can create their digital self-sovereign identity as well as recruit based on verified work history.

“My malware” vs “Windows 10 security features” …see the outcome, Mane Piperevski, Piperevski & Associates
In martial arts, you always exploit your opponent’s weakness. We now know their weaknesses, as they know that they cannot achieve 100% security. But in Windows, the weakness changes all the time, so it’s an ongoing cat-and-mouse game. See how XOR encoding, polymorphic code and other techniques fare against Windows 10 security features.

What’s Missing in Your Digital Transformation Plan?, Tomislav Tucibat, Fortinet
What do we call DX? We are struggling to encapsulate what is probably the biggest revolution of our time. It affects everything, everywhere… and that is not easy to comprehend. It touches and impacts every one of us here in almost every aspect of our lives – professional, personal and social. While adapting to digital transformation (DX) to enable data-driven business models is necessary for successful business today, there are 4 key pillars of security that must be addressed to keep threats from entering the network.

Emerging threats by SANS Internet Storm Center, Bojan Ždrnja, Infigo IS d.o.o.
In the last couple of years we have witnessed some sophisticated (and some less sophisticated) attacks that severely impacted businesses around the world, causing millions of EUR in damage.
The SANS Internet Storm Center has been following and analyzing various attacks for more than 2 decades. In this presentation, Bojan Zdrnja, senior SANS Internet Storm Center handler, will introduce the Internet Storm Center and will talk about 3 new emerging threats that are slowly becoming prevalent.

Automotive security, Stefano Longari, Politecnico di Milano
The automotive industry is finally starting to focus on the security of vehicles and networks, accepting the danger of cyberattacks even in a field that until a few years ago was not really related to computer science. Still, as this is a new field in continuous development, many tools for the development of secure infrastructures and networks are yet to be proposed. We propose a methodology, and alongside it a tool, to help analysts design and assess the security of vehicle on-board networks. The tool first proposes a set of values to the analyst that help in understanding the strong and weak points of a given architecture, and then, based on those values, proposes multiple countermeasures against the most dangerous attacks.

Regaining Lost Visibility, Emir Arslanagic, Qualys GmbH
Qualys' new groundbreaking Global IT Asset Inventory solution is always up to date thanks to two-way CMDB synchronization, which enables large and small enterprises to regain full visibility across all assets, regardless of whether they are on-premises or in the cloud(s), mobile or stationary, including OT/IoT environments.
See how, in a single-pane view, you can benefit from real-time analysis of your security and compliance posture, and identify in seconds assets that are vulnerable to zero-day attacks, or that have been compromised or are suspicious.

Combining IoT and Video Analysis for Security and Retail Applications, Günther Bauer, IoT40 Systems GmbH
The Industrial Internet of Things has a lot to offer when it comes to security applications. IoT is about connecting to sensors and other sources of information, determining a status, and producing an adequate, timely and hopefully intelligent (counter-)reaction. Video is a widely used instrument in security but is usually associated with control rooms, where employees watch monitors in order to detect and react to irregularities. After all, observing something and reacting to visual information is one of the best-developed human capabilities.
IoT40 Systems seamlessly integrated both technologies years ago and has experienced the pros and cons of such integrated security solutions in different application areas. The system has already proven to address several critical aspects. The rule-based and fully automated response to security incidents, triggered by image understanding and the action it sets off, works reliably and can be adapted, or even be self-adapting, to achieve a level of oversight and endurance that human operators have difficulty delivering. No programming is required to interpret and act upon visual analysis and image understanding. Customers can choose any level of automation and decide when and how human operators are involved, e.g. to meet compliance or legal requirements.
We will also discuss the use of video analysis systems in retail: IoT40 Systems has developed a smart cooling shelf that is able to categorize customers by gender, age and general buying behavior.

How malware can empty your Bank - the evolution of financial malware and the deception of next-gen Security Solution, Antonio Pirozzi, Emaze - Cybaze
Everything started with the propagation of the Zeus banking Trojan in 2007. The Zeus financial malware managed to steal nearly $100 million. Meanwhile, Dridex, another pervasive financial malware, caused $40 million in damages in 2015 alone.
Since Zeus’s release, the number of banking Trojans has increased dramatically, and over the years cybercriminals have adopted novel techniques to obstruct and slow down analysis. This evolution demonstrates a worrying trend of cybercriminals using covert APT-style reconnaissance and customized malware.
This research will show the most famous financial malware phenomena and the sophisticated evasion, infection, and propagation techniques they employ in order to bypass even next-gen endpoint security solutions. Of course, just providing a multitude of powerful endpoint security layers is not enough.
The state of the art of AI in security solutions and its blind spots will be illustrated, together with adversarial AI and a look at immune systems.
Finally, it will be shown how crooks could abuse cryptocurrencies to build new opaque and reliable infrastructure for malicious purposes, and we will discuss some open points.

GDPR (DPO)

Integrating personal data protection into daily routine, Stanko Cerin, Ostendo Consulting and Bojan Brodar, Telemach d.o.o.
“DP” in GDPR stands for data protection, but GDPR doesn’t explain exactly what organizations are expected to do to protect personal data. Privacy by default is probably the least explained GDPR requirement, but this is exactly the part Telemach focuses on most. In this presentation, we’ll show how to embrace privacy by default principles. It is a long way to go, but we are already on it.


CIO FORUM

Improve security skills for your IT Force (almost for free), Tobiasz Janusz Koprowski, Shadowland Consulting
As IT managers we have responsibility. When we face a data breach or a sophisticated attack, we could say that it is our employee's mistake. But it really isn't. We can blame the Information Technology team only when we know that they should have known. Otherwise, we can blame ourselves. But we can help them and our organization to embrace security together. In this session, I would like to show all the interesting places where our IT department can improve their security skills for free (or almost free). So reserve your time to look at this, then reserve their time to learn.