Hospital leaks patient records’, ‘Public transport smartcard has more holes than a sieve’, ‘Mobile banking app unsafe’ – it seems that everything can be hacked these days. Fortunately, the person who discovers a flaw is not necessarily a cybercriminal but is often someone who wants to help improve cyber security. He or she immediately contacts the system owner so that the problem can be solved. A well-coordinated approach allows everyone to learn from the exercise we call ‘responsible disclosure’.
The Netherlands is a world leader in responsible disclosure. The Dutch like to resolve conflicts through a process of general consultation: the famous ‘polder model’. This seems a particularly appropriate approach in the realm of IT and cyber security, since there is no central authority with overall responsibility but many diverse players, each responsible for their own tiny part of a vast and complex system.
For the last four years, researcher Chris van ’t Hof has been collecting stories from the hackers, system owners, IT specialists, managers, journalists, politicians and lawyers who have been key players in a number of prominent disclosures. His book “Helpful Hackers.” (2016) offers a glimpse into the mysterious world of cyber security, revealing how hackers can help us all.
RecordedNov 25 201638 mins
Your place is confirmed, we'll send you email reminders
Bryan will discuss real-world use cases tied to OT and IT that highlights what attackers do and how clients need to defend against them. His presentation will cover how visibility/detection is necessary with Real-World examples and will detail hunting and detection solutions to address these types of attacks.
Meeting the requirements of the GDPR is challenging, in particular when using Blockchain or AI. Where most people will cringe when mentioning the GDPR’s right to be forgotten and Blockchain in one sentence, this talk will explore how these particular challenges can be resolved, and how they could even be designed in a way that helps compliance
Enterprises are not victims, they’re vectors. Security in an ecosystem-driven world is no longer about protecting oneself—it’s about protecting everyone. Leading businesses are recognizing that just as they already collaborate with entire ecosystems to deliver best-in-class products, services, and experiences, it’s time security joins that effort as well. During this session we will share the key insights from the Accenture Technology Vision 2019 highlighting the top security trends.
Managing risk well requires an understanding of the current threats you face while looking ahead to where threats may emerge tomorrow. This talk will cover the biggest threats facing organisations today, while sharing the trends we observe in our research labs and how they will likely affect what we will see tomorrow. As humans continue to get more involved in attacks, our approach to defence needs to adjust to the human element: unpredictability.
The advances in information and communications technologies have provided possibilities for new functions, features and efficiencies in remotely managing and controlling industrial processes and services essential to the national economy and well-being of our societies. Unfortunately for every new feature introduced by these wonderful enabling technologies there is a vulnerability that can cause an unintentional accident or be intentionally exploited by an adversary. This is well understood by specialists working in Information Technology (IT) and there are well established best practices for protecting computers, data, websites, and networks. However, in protecting critical infrastructure and the technologies used by Industrial Control Systems (ICS) or Operational Technology (OT) the IT security practices that are very good at protecting data and networks do not fully apply in protecting a physical process or preserving a desired process state. For example safely monitoring and controlling the physical processes in generating electricity at a nuclear power station (flow of coolant), insuring the right level of chemicals are added to drinking water, refining crude oil at a petrochemical plant, pumping liquid fuel or compressed gas down a pipeline or safely running a railway system. This presentation will point out the peculiarities and challenges faced by security practitioners in protecting the supporting ICS technologies of these complex systems that provide the technical foundation for modern economic life, insuring national security and well-being of society.
DSS ITSEC in an annual, international and largest in the Baltic States cyber-security, data protection, privacy tech and business conference and expo from 2010, event annually brings together top ICT Security professionals from industry’s leading technology vendors, international organisations and agencies, local and regional businesses, as well as, representatives of government and public sector.