Programme
CYBER WAR AND FADING REALITIES
Cyber Resilience Conference is a strategic conference, specially developed for security managers and management. Together we will face the actuality of Cyber War and Fading Realities. Join the conference and make your business more secure and resilient! Through, inspiring keynotes, breakout sessions as well as round tables you will get inspired to join, debate en expend your knowledge and gain insight on the latest development in this vast landscape of cybersecurity.
During Cyber Resilience Conference we will discuss the following topics: Governance, Risk Management & Compliance, Threat Intelligence and Incident Management, Laws and Regulations (NIS2 and DORA), Infrastructure and Cloud Security, Identity & Access Control, Application & API Security, Awareness & Human Factor, Security Monitoring, Incident Management & Recovery, Data Security & AI
Reception and registration at DoubleTree by Hilton Brussels City
Opening by chair Erik R. Van. Zuuren
Fighting Cyber Crime
Remy Knecht, CHIEF SECURITY OFFICER OF ITSME® & MANAGING PARTNER, DIGIE and Matthias Govaerts, TEAMLEADER LOCAL PROPERTY INVESTIGATION AND INTERNET CRIME OF LOKALE POLITIE ANTWERPEN
Building Resilience in the Face of Cyberwar
Dan Cimpean, Director of Romanian National Cyber Security Directorate
Break at the network square with one-to-one meetings
Break-out sessions round 1
Synergizing Human Intelligence, AI and Data Lakes in Cybersecurity
Christof Jacques, Enterprise Security Engineer of SentinelOne
Cyber Security: Harder, Better, Faster, Stronger
Dan Jones, Senior Security Advisor EMEA of Tanium
Part 1: Dealing with the Upcoming Threat of Quantum Cryptography
Peter Spiegeleer, Enterprise Security Architect of Proximus N.V.
Break-out sessions round 2
Cyber Recovery: Making yourself resilient against ransomware
Marc de Schepper, Solutions Specialist of Commvault
Detecting Zero-Days on Day Zero with Machine Learning
Michiel Appelman, Senior Solutions Engineer of Cloudflare
Part 2: Dealing with the Upcoming Threat of Quantum Cryptography
Peter Spiegeleer, Enterprise Security Architect of Proximus N.V.
Lunchbreak on the network plaza with one-to-one meetings
Break-out sessions round 3
The Most Important Shift in Cybersecurity: Embracing SASE, Zero Trust, and AI Governance
Andy Quaeyhaegens, Senior Solutions Engineer Northern Europe
Defusing Real Active Directory Attacks at a Large Telco-Provider
Guido Grillenmeier, Principal Technologist, Semperis
Part 1: Industrial Security and NIS2
Claudio Bolla, Group CISO, INEOS | Nick Peeters, OT/ICS Security Lead, SoterICS | Johan Galle Cybersecurity Lecturer, HoWest
Break-out sessions round 4
Zero Trust and Segmentation: improving Cyber Resilience
Raghu Nandakumara, Head of Industry Solutions of Illumio
Cybercrime Trends 2024 - New technologies and the psychology of human behaviour
Part 2: Industrial Security and NIS2
Claudio Bolla, Group CISO, INEOS | Nick Peeters, OT/ICS Security Lead, SoterICS | Johan Galle Cybersecurity Lecturer, HoWest
Afternoon break on the network plaza with one-to-one meetings
Cyber-Resilience and Critical Asset Protection
Sabrina Cristofano, CISO - DPO at CHU-Brugmann
Cybersecurity in the Age of AI
Krzysztof Socha, Team Leader, CERT.EU
Wrap up by chair Erik R. van Zuuren
Network drinks & appetizers
Reception and registration at DoubleTree by Hilton Brussels City
DoubleTree by Hilton Brussels City iseEasy accessible. Centrally located just off Place Rogier. Rogier Metro station is in front of the venue and from the train station the Gare Du Nord it is a five-minute walk. Public parking is available underneath Place Rogier.
Opening by chair Erik R. Van. Zuuren
Erik is actively engaged in several professional activities. As such he founded TrustCore.EU, he executed several assignments private and public sector (European Commission, Federal Government, Flemish Government, Euroclear, Infrabel, Electrabel, BPost, ENISA, etc). Currently his main focusses are on the topics of Openbanking and Security Architecture at BNP Paribas Fortis as well as the wide topic of the new Trust Regulation en the European Digital Identity Wallet in collaboration with the EU Member States.
In his spare time, Erik is also Topic Leader “Security Architecture Management” at Solvay Brussels School and a member of the Vlaamse Toezichtcommissie (Flemish DPA). With his knowledge and experience, Erik is the ideal person to guide the conference as chair of the day. In his opening he will address the conference theme: Cyber War and Fading Realities.
Fighting Cyber Crime
Remy Knecht, CHIEF SECURITY OFFICER OF ITSME® & MANAGING PARTNER, DIGIE and Matthias Govaerts, TEAMLEADER LOCAL PROPERTY INVESTIGATION AND INTERNET CRIME OF LOKALE POLITIE ANTWERPEN
Cyber Crime and Consumer Fraud are getting more and more sophisticated. The yearly growth in consumers getting scammed is staggering. Adding the fact that these criminal networks have no geographical borders makes it extremely difficult for one organization to protect its consumers from these fraudsters. A coordinated approach between the public and private sector leverages on each organization’s capabilties to faster detect and protect against these scams. In this session we’ll dive into some of the Belgian initiatives where public and private sector work closely together because “it takes a network to fight a network”.
Building Resilience in the Face of Cyberwar
Dan Cimpean, Director of Romanian National Cyber Security Directorate
Resilience of key networks and information systems to cyber attacks is essential, yet resilience also serves as a very important element to deter adversaries. Resilience and deterrence are both part of a comprehensive cyber strategy that both organisations and nations can and shall use, not only to strengthen the defender’s posture and capabilities but also deter adversaries from attacking. The lessons learnt from the hybrid war at EU’s and NATO eastern borders can be a valuable insight for cyber resilience building efforts.
MORNING BREAK AT THE NETWORK SQUARE WITH one-TO-one MEETINGS
Enjoy fresh coffee, tea and snacks on the network square, such as kako Cream, lactose-free Panna cotta, chocolate brownies and fresh fruit. The first one-to-one meetings will take place. The catering is brought to you by SentinelOne.
Synergizing Human Intelligence, AI and Data Lakes in Cybersecurity
Christof Jacques, Enterprise Security Engineer of SentinelOne
In the landscape of modern cybersecurity, Artificial Intelligence (AI) plays a pivotal role, offering unparalleled speed and power to both defenders and adversaries. The integration of machine learning, bolstered by vast data lakes, has emerged as a cornerstone in defense strategies. However, as AI continues to evolve, leaders face the challenge of maintaining a delicate balance between leveraging its efficiency and accuracy, while ensuring meaningful human engagement.
This session explores the dynamics of human-AI collaboration in cybersecurity, highlighting the imperative for strategic interaction between AI-driven automation, human intuition and the wealth of insights stored within data lakes in real-world scenarios. Learn how to unify, accelerate and simplify your SecOps; Detect earlier, respond faster and stay ahead of attacks. And gain complete visibility across your entire organisation.
Cyber Security: Harder, Better, Faster, Stronger
Dan Jones, Senior Security Advisor EMEA of Tanium
In this session Dan Jones, will delve into the key programs that every organization must implement to prepare for upcoming regulations in cybersecurity.
- Cybersecurity is getting Harder. How can organisations be secure when they have less people, a larger estate and a larger attack surface?
- How can organisations make it Better? The importance of People, Technology and Process.
- Why you need your data Faster? And why Real Time Data Measured in Milliseconds is imperative.
- How to make your organsation Stronger with Visibility, Control, and Remediation.
Dealing with the Upcoming Threat of Quantum Cryptography
Peter Spiegeleer, Enterprise Security Architect of Proximus N.V.
Accelerating developments in the field of quantum computing will bring disruptive challenges to cybersecurity. Organizations will need to adapt to the risk posed by quantum computers, which will have the potential to break many of the cryptographic systems that we rely on today and that are nested largely and deeply in our infrastructure. We are at risk already right now, as encrypted communications are stored by attackers to be decrypted years later with quantum computers (aka “store-now-decrypt-later attack”). Migration to quantum-safe solutions is inevitable. National governments are urging the industries to prepare for “Post-Quantum Cryptography”. In this roundtable, we will objectivate the risk and discuss strategies. What is the sense of urgency? Is your company developing a policy and mobilizing teams? How to conduct a diagnosis? How to implement for crypto-agility? How to plan for migration? What about the supply chain risk? Join this roundtable together with your peers to gain new insights and to prepare for resilience against evolving cyber threats.
Cyber Recovery: Making yourself resilient against ransomware
Marc de Schepper, Solutions Specialist of Commvault
In this session, cyber recovery takes centre stage as we demonstrate how to protect yourself against cyber threats such as ransomware. With thoughtful and tested security against ransomware incidents, advanced preparation, automated validation, and rapid recovery options, regardless of where your data resides. Learn how to make yourself resilient against ransomware by securing the data of your patients, customers, partners and communities.
Commvault has been a Gartner Magic Quadrant leader for 12 years. More than safeguards more than 100,000 organizations around the world rely on Commault and they secure 3 EB of cloud data and have a unique FedRAMP High cyber resilience platform.
Detecting Zero-Days on Day Zero with Machine Learning
Michiel Appelman, Senior Solutions Engineer of Cloudflare
As attackers get more numerous and start to get help from ChatGPT and other LLMs, the amount of malicious payloads that bypass our signature-based defenses are increasing. It’s becoming increasingly unrealistic to expect our Security Analysts to keep up with writing effective mitigation rules. In this session you will hear how we are able to turn the tables and leverage ML and AI to detect and prevent zero-days on day zero.
- How attackers are evolving and getting help
- What it takes to train ML models to recognize new attacks
- Help to comply with NIS2 by seeing and blocking new threats immediately
- What we can do to make your security analysts more effective
LUNCH BREAK AT THE NETWORK SQUARE WITH one-TO-one MEETINGS
During lunch our chef serves various bowls with bulgur, sweet potato or greek pasta with toppings such as salmon, crusted chicken, grilled halloumi, caviar of smoked eggplant, grilled green asparagus, edamame, sundried tomatoes and more. To end your meal you can choose a healthy dessert bowl, low in fat and sugar.
Rapid7 demos: Reduce your external exposure on the darkweb with ThreatCommand, Shift left with Dynamic Application Security Testing (DAST), A turnkey Rapid7-managed SOC with unlimited Incident Response, Actively identify and manage IT vulnerabilities in your organization, InsightIDR, the turnkey SIEM that includesXDR and Network-Traffic Analysis.
Semperis demos: Discover the different solutions Semperis has to offer.
The Most Important Shift in Cybersecurity: Embracing SASE, Zero Trust, and AI Governance
Andy Quaeyhaegens, Senior Solutions Engineer Northern Europe of Netskope
Discover the dynamic shift we have seen in Cyber Security programmes along with the introduction of new and disruptive technologies.
Join this session and learn how to prepare your organisation for the future of cybersecurity including:
- Steps to transform to a full Secure Access Service Edge (SASE) architecture
- Controls that can support a comprehensive Zero Trust approach to access control
- Governance and Security measures for the use of GenAI
Defusing Real Active Directory Attacks at a Large Telco-Provider
Guido Grillenmeier, Principal Technologist, Semperis
Imagine this: Attackers infiltrate your company’s identity system, exploiting a security gap in Active Directory (AD), escalating privileges, introducing malware, and locking up files. They spam your staff and slow down their computers. Your company is at risk of imminent shutdown. This is a common playbook, targeting Microsoft AD and Entra ID the infrastructure that supports 90% of enterprises today.
Gartner named Identity Threat Detection and Response (ITDR) a top cybersecurity trend since 2022, warning of credential misuse. Guido Grillenmeier has firsthand experience responding to such attacks, having helped a large telco provider in the Middle East recover in real-time. In this session, he will detail the attack phases and provide guidance on effective responses to the in-progress attacks on the identity systems.
Roundtable: Industrial Security and NIS2
Claudio Bolla, Group CISO of INEOS | Johan Galle, Cybersecurity Lecturer of Howest, University of Applied Sciences | Nick Peeters, OT/ICS Security Lead of SoterICS
Ensuring their cyber resilience has become an obligation for more parties then before under NIS2. Especially in the area of OT/IOT-security there is still a lot to do, to put it mildly.
In this context, this roundtable targets to discuss trends in OT security, ways in which to take on the challenge and discuss lessons learned on how to improve OT/IOT security.
Zero Trust and Segmentation: improving Cyber Resilience
Raghu Nandakumara, Head of Industry Solutions of Illumio
As we transform our business models to deliver more agile services the increasing threat of ransomware can potentially disrupt those services causing an impact on society. While we can continue to spend more money or traditional security approaches a shift in thinking to Zero Trust will be more effective and save money. In this workshop, we will address the following topics:
- How to identify and define risk
- How to reduce the attack surface
- How to prevent the spread of breaches
- How to contain a ransomware attack
- How to respond and restore services during an attack
Cybercrime Trends 2024 - New Technologies, Psychology of Human Behaviour, Awareness in NIS2
Kim De Wit, AWARENESS SPECIALIST OF SOSAFE
AI changed everything last year. Now, in 2024, the real battle begins: Who will harness the power of new technologies and the psychology of human behaviour more effectively – us or the cybercriminals? In our talk, we’ll break down the top cybercrime trends to watch in 2024 so that you can stay ahead of the curve with your security team and protect your organization from attacks. We’ll explore the ever-increasing involvement of AI in cyberattacks, which is changing the game for everyone involved. The role of cybersecurity awareness in NIS2 and we’ll look at the double-edged sword of emerging technologies like 5G and quantum computing.
AFTERNOON BREAK AT THE NETWORK SQUARE WITH one-TO-one MEETINGS
Enjoy the afternoon break at the network square with a sweet treat such as creme brûlée, tiramisu, strawberries with praline and fresh fruits. The last one-to-one meetings will take place, meet colleagues, peers and speakers and share your gained knowledge! The catering is brought to you by SentinelOne.
Cyber-Resilience and Critical Asset Protection
Sabrina Cristofano, CISO - DPO at CHU-Brugmann
In today digitalized world, organizations across various sectors have become prime targets for cyberattacks, underscoring the critical importance of cyber resilience. In this context, this presentation will explore the need for organizations to recover quickly from cyber threats and protect their critical assets. We will discuss the importance of having robust backups and the ability to recover data. Additionally, we will analyze the impact of new regulations, including the NIS 2 Directive, on cyber resilience strategies and asset protection. Finally, we will present effective strategies for building and maintaining cyber resilience and safeguarding critical assets across diverse industries
Cybersecurity in the Age of AI
Krzysztof Socha, Team Leader of CERT-EU
An overview of the significant impact AI has on the field of cybersecurity, exploring its role as both a protector and a threat. The advancement of AI-driven security measures capable of anticipating and mitigating cyber threats more efficiently, thus enhancing the protection of essential data and infrastructure. Conversely, the challenges posed by adversaries utilizing AI for sophisticated cyberattacks, which complicates the security landscape.
Network drinks & appetizers
We end the day in an appropriate manner while enjoying a drink, appetizers and finger food. Have informal discussions with colleagues, peers, partners and speakers.
Why Active Directory is the Prime Cyberattack Target - and what to do about it!
Guido Grillenmeier, Principal Technologist, Semperis
For more than two decades, Microsoft Active Directory (AD) has been the de facto method organizations use to authenticate and authorize users for access to computers, devices, and applications within a company’s network. Most companies still rely on it and have further extended its reach into the cloud by synchronizing their on-prem AD with the Microsoft Entra ID to allow proper SSO to cloud-applications by their users. AD is celebrated for its extensive compatibility with various applications and Windows editions, but that compatibility comes with security downsides.
Compromises of AD can occur as an entry point leading to a further attack or can arise at various other points along the kill-chain following an initial compromise via some other mechanism. Protecting AD is crucial as it often becomes a primary target in breach strategies.
Active Directory defense tools must be paired with a wider Zero Trust and XDR approach to provide full visibility over organizational infrastructure, enabling security teams to accurately identify the point of origin of an attack, and to perform the containment and remediation actions required to neutralize and prevent reoccurrence of an attack.
Join Principal Technologist, Guido Grillenmeier, to discuss AD access points used in recent cyberattacks, security risks to watch for in managing AD, how to look for warning signs that AD has been compromised and steps to take in the event of an attack.
Roundtable for security leaders: How to achieve a robust security posture with Zero Trust
Michiel Appelman, Senior Solutions Engineer of Cloudflare
For many companies, Zero Trust and its principles have transformed traditional approaches to network security, allowing organizations to achieve unprecedented levels of granular control of their users, devices, and networks.
But how do you best apply Zero Trust architectures in an enterprise setup? And how does Zero Trust architecture enable organisations to gain productivity benefits from AI tools while staying secure in the face of emerging threats?
During this roundtable, a closed confidential space, you will gain insights from Michiel Appelman of Cloudflare, who will share best practices that can help you effectively implement Zero Trust within your organization.
By the end of the discussion, participants will be equipped with actionable insights to enhance their organisation’s security resilience as well as learning how Cloudflare customers like Delivery Hero and Otrium have integrated Zero Trust principles. We hope to see you for this exciting discussion where we can explore together how Zero Trust offers a more secure and adaptive approach to security.
THE PLACE TO MEET AND DEBATE WITH SECURITY-PEERS
Join us at the Cyber Resilience Conference and learn from high-profile speakers and other subject matter experts who share their knowledge and insights on the latest developments in this vast landscape of cybersecurity with you.