Network with high-caliber IT security experts
to learn from and discuss the latest cybercrime situation

The focus of the 15. event will be again on attacks against large companies, organizations and nations.

We will discuss how a combination of security tools that aim to detect anomalies plus approaches that e-identify all entities in an organisation could provide higher levels of security.

"Entities" is a collective term for data, applications, infrastructure, processes or individuals.

In short, we discuss if

e-identity of all entities + anomalies detection tools = higher security ?


Feedback from attendees


"I have never seen such a large concentration of excellent presentations; and exciting selection of subjects."
Thomas Schwyzer, Executive Director Security, UBS


"Not only the speakers play in the top league but also among the audience you find outstanding experts from large Swiss corporations and organisations."
Dr. Serge Droz, Vice President, SWITCH


"As a presenter, I was impressed by the caliber of the attendees and the depth of the discussions throughout the day."
Dr. Robert Griffin, Chief Security Architect, RSA

Who should attend

  • Compliance, governance, risk managers from large organizations
  • CISO, CIO, COO, CTO office
  • Government advisors & experts
  • IT infrastructure & operations experts
  • IT security & investigations managers




Event Location Last event



This event is initiated by

Prime Tower

Hardstrasse 201,
8005 Zürich

Program

  • 13:00
    Identity-centric Access Control
    Dr. Lukas Ruf, Founder & CEO, Consecom
  • Elektronische Identität, elektronische Signatur - von SuisseID und SwissID zu exakter Terminologie
    Umberto Annino, Security Officer, SIX Group

    Viel wurde schon gesagt über die elektronische Identität - insbesondere rund um den Gesetzesentwurf des E-ID-Gesetz.

    Daneben gibt es schon länger die rechtsgültige, sogenannte "qualifizierte elektronische Signatur" zur digitalen Unterschrift.

    Was macht nun das Produkt SuisseID, und wozu SwissID - und sehen jetzt privatwirtschaftliche Anbieter auf einmal alle meine Einkäufe und Abstimmungsergebnisse im Internet, wenn ich meine elektronische Identität nicht vom Bund bekomme?

  • Die Zukunft des Identity Access Enablements
    Reto Zwyssig, Sales and Business Development Manager, Ergon Informatik AG

    Unternehmen müssen im Zuge der Digitalisierung viele unterschiedliche Applikationen, Daten und Services schnell und effizient bereitstellen können, die jederzeit von überall erreichbar sind. Dies lockt Angreifer an!

    Die Identität wird in diesem Prozess zur zentralen Rolle der IT Security. Sie beschränkt sich nicht mehr auf bekannte, interne physische Identitäten sondern kann auch von Identity Providern bereitgestellt, ein Ding oder eine API sein, die Zugriff auf interne Ressourcen benötigt.

    Der Vortrag zeigt wie mithilfe eines Secure Access Hubs Applikations- und API-Security hoch gehalten werden kann und welche entscheidende Rolle dabei die Identität spielt.

  • Peering into the Abyss – Lessons Learned from Real Cyber Incidents
    Chris Yule, Senior Security Researcher, Counter Threat Unit, Secureworks

    Cyber security failures are frequent and often severe. Secureworks helps organisations around the world detect, respond to and remediate all kinds of cyber security incidents.

    In this presentation, Senior Researcher Chris Yule will look at some of the more interesting case studies that Secureworks’ customers have dealt with in recent times, as well as some of the lessons that have been learned the hard way.

  • Red teaming pentest
    Sebastian Schreiber, Managing Director, SySS GmbH
    1. Der Penetrationstest – allgemein und RedTeaming
      • Definition
      • Motivation
      • Besonderheiten
    2. Einordnung: RedTeaming-Test
      • Ethische Aspekte
      • Typische Szenarien
      • Zeitplan
      • Test-Tiefe und Test-Frequenz
    3. Einordnung der Ergebnisse
  • Cyberfraud Landscape
    Prof. Dr. Bruce Nikkel, Professor, Bern University of Applied Sciences

    This presentation describes the current cyberfraud landscape that society is facing today.

    It covers different types of phishing attacks, ebanking malware, mobile attacks, attacks to core banking systems, social engineering, and other financially motivated cybercrime.

  • IT Security quo vadis? Have I missed something?
    Dr. Marc Gysin, Technology Operational Risk, Credit Suisse

    Information systems are becoming ever larger, more complicated and increasingly interconnected. The result is an increased surface for cyber-attacks. There are constantly new attack- and new defense patterns - all these result in an “IT security arms race”.

    In my talk, I will elaborate on what this means to IT Security, what the challenges are and what the role of Identity Management might be.

  • Enabling Faster Incident Response via Intelligence Automation:
    Making the Data Work for You
    Chris Meidinger, Sales Engineer DACH, CrowdStrike

    Gartner says that “by 2021, endpoint protection platforms (EPPs) will provide automated, orchestrated incident investigation and breach response”.

    In this short talk, we will discuss

    • How to achieve automated investigation TODAY applying intelligence and cutting-edge technology to incident response.
    • How to apply intelligence and cutting-edge technology to incident response.
    • How to turn attacks into an opportunity to improve defense - automatically.
  • E-Identity regulations and challenges in Switzerland and the EU
    Daniel Muster, Berater, it-rm IT-Riskmanagement GmbH

    Das E-ID Gesetz wird fürs eGovernment von grundlegender Bedeutung sein. Deswegen ist es erforderlich, dass dieses Gesetz schlüssig, durchdacht und kohärent mit anderen Gesetzen und Vorschriften ist. Dies sowohl in rechtlicher, organisatorischer als auch in technischer Hinsicht.

    Doch das Gesetz wird wesentliche Stolpersteine enthalten, falls das Parlament diese Vorlage vor der Verabschiedung nicht verbessern wird. Im Vortrag werden diese Stolpersteine erläutert. Zudem wird im Anschluss an die Veranstaltung den Teilnehmenden ein umfassender Bericht dazu übergeben.

  • Pioneering Identity-Centric Cybersecurity Powered by AI
    Luca Martelli, Sr. Director Identity & Security, Oracle EMEA

    Today's enterprise has to deal with modern threats and new attack vectors while driving IT modernization, cloud adoption, and digital transformation.
    Built on the industry's first trust fabric for identity and security, Oracle introduces the principles of machine learning, artificial intelligence, and autonomous cyber resilience to help enterprises adapt and rapidly respond to the emerging threat landscape.
    This session provides an executive overview of Oracle's vision and capabilities for modern identity-centric cybersecurity.

    We will outline:

    • How to pioneer Identity-centric Cybersecurity Powered by Artificial Intelligence and Machine Learning
    • How to mitigate modern cyber-attacks using innovations in user and entity behavior analytics and machine learning, organizations use it to correlate events based on the identity context for threat detection, prevention, prediction, and response
    • Explore how automated cyber defense augment protection and accelerate compliance and how Oracle is supporting leading organizations in their Hybrid Identity Management journey
  • Live-Hacking Demonstration
    Sebastian Schreiber, Managing Director, SySS GmbH
    1. Angriffe auf Web Shop
    2. Angriff gegen Funk-Alarmanlagen
    3. Angriff gegen Funk-Tastaturen
    4. Android-Trojaner
    5. Neuer Bluetooth-Angriff
    6. SMS fälschen
    7. DoS-Attacke
    Falls noch genügend Zeit vorhanden ist:
    1. SQL-Injection
    2. RFID/NFC-Angriffe
    3. USB-Angriff / Gadgets
    4. Umgehen von Antivirus
    5. Krypto-USB-Sticks knacken
    6. Password Cracking
  • Identity & access management and anomalies detection solutions
    Aktuellste Innovationen, Produkte/Lösungs Vorstellungen

Supporters

Speakers

Dr. Lukas Ruf

Dr. Lukas Ruf is founder and CEO of Consecom AG.

Consecom is specialized in Strategic ICT Security Consulting, and offers support by concept (design), implementation and review (security testing, reviewing and auditing) services.

Lukas completed his master and Ph.D. studies the Swiss Federal Institute of Technology (ETH) Zurich in electrical engineering.

For more than two decades, he has been working as a consultant, architect and auditor in the areas of governance and organization, processes, and technology.

Among others, he is a well-known specialist for end-to-end security, identity and access management as well as information security management.

Dr. Marc Gysin

Marc has more than 20 years experience in IT Security and IT risk management.

He is an acknowledged “risk partner” talking to C-Level persons at various levels.

He has executed cyber security and IT risk assessments for multiple years, holds a PhD in Information Security and IT Engineering degree from the ETH Zurich.

When he is not busy with IT Security issues, he likes to travel, jog, take pictures, or, simply, be with his family.

Chris Meidinger

Chris brings 15+ years of experience in customer-focused technical service to CrowdStrike, where he leads technical pre-sales in Germany, Austria and Switzerland.

He comes to us from SecurityScorecard, Inc, where he built the Customer Success and Support organization.

Prior to that, Chris was the Director of the global Pre-Sales Engineering team at Agari Inc, and the Technical Director for financial and regulated industry customers at Sendmail, Inc. Throughout his career, Chris has gathered extensive experience architecting and delivering security solutions to customers across the Global 2000 and the public sector in both the United States and Europe.

His mission is to leverage his prior success and broad experience to ensure jubilance among CrowdStrike's most valuable asset – our customers.

Chris Yule

Chris is a Consultant Information Security Researcher within Secureworks’ Counter Threat Unit™.

With over ten years’ experience in information security, Chris is responsible for tracking the activity of various threat groups, analysing the latest threats and ensuring that our customers are protected from them.

Sebastian Schreiber

Sebastian Schreiber, born in 1972, studied physics, mathematics, business studies and computer science at the University of Tübingen.

He graduated in the latter, and in 1998 he founded SySS GmbH in his hometown in order to offer high-quality security assessments.

Until the present day, he is owner and Managing Director of this fast-growing company currently employing a staff of about 110.

Schreiber is frequently present on national congresses and the media, being a demanded expert in the field of IT security.

Daniel Muster

Daniel Muster, dipl. Physiker Universität Bern, NDS in Informationstechnologie ETH Zürich, ist selbständig erwerbend in der IT-Riskmangement GmbH (www.it-rm.ch).

Seit 20 Jahren ist er in der IT-Sicherheit tätig, u.a. in der Lehre. Er hat Diverses dazu veröffentlicht, z.B. ein Buch über „Digitale Unterschriften und PKI“ und Arbeiten und Artikel zum Spannungsfeld IT-Sicherheit und Recht.

Reto Zwyssig

Reto is Sales and Business Development Manager Airlock at Ergon Informatik AG based in Zurich.

He has spend more than 20 years in IT security and identity and has taken many roles in IT Development and Operation, Marketing, Sales, Product Management at Mettler-Toledo, Novell and SwissSign. One of his most recent role was to lead the conception and development of SwissID.

Reto pursues the goal to deliver adequate security at straightforward usability. He's passionate about sports, travel, food and his family

Umberto Annino

Umberto Annino, eidg. diplomierter Wirtschaftsinformatiker, arbeitet seit 1992 in der ICT und hat Erfahrungen in den Bereichen Anwendungs- und Systementwicklung, Projektleitung und Information Security Management & Consulting gemacht.

Heute ist Umberto Annino als Head Security Governance bei SIX Group tätig, mit Fokus auf Informationssicherheit sowie regulatorische und rechtliche Anforderungen an Cyber-Sicherheit.

Er ist nebenbei als Dozent für Cyber-Security, IT Risk Management und Datenschutz tätig und amtet im ISACA Switzerland Chapter im Vorstand als Ausbildungs- und Zertifizierungs-Koordinator sowie als Präsident der Information Security Society Switzerland.

Daneben ist er im Beirat des Unternehmen SwissFinLab, in der Kommission Cybersecurity von ICTswitzerland und im Cybersecurity Beirat der Schweizerischen Akademie für technische Wissenschaften (SATW) tätig.

Prof. Dr. Bruce Nikkel

Bruce Nikkel is the director of Cyber-Crime / IT Investigation & Forensics at UBS where he manages a team responsible for investigating cyber-criminal activity targeting staff, clients, and IT infrastructure.

He has worked for the bank's security and risk departments since 1997, and has managed the IT forensics function since 2005.

Bruce holds a PhD in network forensics and is the author of 'Practical Forensic Imaging'.

Luca Martelli

Luca is responsible for Oracle’s Identity and Cloud Security portfolio in EMEA.

He has spent the majority of his time in security, most recently as Identity & Security Lead for the Italian cluster at Novell and before as project manager for Cambridge Technology Partner delivering and managing the very first projects in the Identity Management space.

Luca supports organizations that are embracing their journey to the cloud, making sure security by design and security by default are the key cornerstones to improve their digital security posture, in the evolving hybrid IT scenario. Luca has an Executive MBA from Bologna Business School.

Ralf Haller

My more than two decades work experience has spanned various marketing, project management and business development roles, based on my training as an electrical engineer and masters in Telecommunication Systems (Karlsruhe Institute of Technology).

My career started while at university, when I took an assistant role in the USA. Later, I worked as an IT project manager for large key account clients at CompuNet in Munich and also worked in Hong Kong supporting the Asian region.

This prompted my move to Silicon Valley where I lived for many years, working as a Product Manager for successful startups building some of the first data communication equipments in the market. (first gigabit ethernet router/switch)

Since 2001, I provide product marketing and business development support and have organised different high-tech business events in Switzerland.

I am the organiser of about 15 per year national and international high-tech trends, innovation, entrepreneurship and technology business events in Switzerland, among them:

+ Silicon Valley meets Switzerland, svms-event.ch

+ Startup-Nation Israel meets Switzerland, startup-nation.ch

+ Chinese-Swiss High-tech Summit, china-innovation.ch

I am also the founder and president of the first - not for profit - "High-Tech Connect suisse" association encouraging and inspiring high-tech business development.

www.hightechconnect.ch

I started teaching the course "Global Innovation Ecosystems" and others at universities and look forward doing more of these as I love sharing and discussing with smart minds of all ages and cultures.

Sign up

On invitation only or with a "High-tech Connect suisse" Membership.
Please use your Code to sign on.