3rd Annual Cyber Security Summit
11 - 12 Apr 2013, Prague, Czech Republic
Welcome to the 3rd annual Cyber Security Summit: Solely Enterprise Focused
Following up the sold-out event in 2012, we are proud to present you the 2013 Cyber Security Summit. With an increased importance placed on discussions and free flow of information exchange between the participants it is a must-attend event for all executives in cyber risk management. Watch a short video from the past 2012 CSS for better understanding of scope and focus of the Forum:
Does your organization implement Cyber Security Solutions? Would you like to learn from industry peers on how they do this? Do you have a solution that you would like to present in front of the biggest industry minds?
The CSS will bring together key corporate security decision makers to discuss the strategic priorities, potential risk factors and threats. Together, they will provide you with inspirational guidance on how industry experts respond to these denunciatory challenges.
Why should you attend?
- Gain an insight into the IT incidents
- Understand how nations' premier companies are improving their cyber security
- Address your questions to the best experts
- Find out how secure you are and what level and form of attack could come in to you
- Review your level of security and readiness for penetration
- Align your security strategy with critical business and corporate goals
- Obtain the latest update on state of art in digital treats in cyber underground
- Utilize the full potential of cyber security
- Learn how to information awareness can minimize your risk
-
HOT TOPIC: Banking Malware and Threats
What distinguishes this event?
CSS is not a typical summit focused on government agencies. The light is shed on coping with cyber risk in the enterprise world. Building on the success of our previous events, the distinguishing features of this unique format are:
- One of the best experts in the world answers your question and provide their in-depth know-how
- Unique mix of 15 presentations, practical sessions, key studies
- Exclusive senior-level attendance
- Practical and up-to-date studies and solutions
- Customized itineraries
- EBCG ThinkTank sessions - who knows your business better than your peers
Summit‘s agenda at glance: Coping with Cyber Risk in Practice
- Current cyber risks in corporate environment
- Human interaction with technology
- Protection for company and customers
- Industry standards for payment processing
- Business continuity
- Most common cyber weaknesses under microscope
- Incident remediation and incident response
- Future trends to combat cyber-crimes
Our Agenda will feature comprehensive presentations to drill down on your hottest topics, with expert panel discussions formed to help you create a customized agenda based on your current focus, role and experience level.
Event Summary
International cybercrime is growing at a rapid pace as cybercriminals employ more sophisticated methods to attack governments and corporations. Today, the value of stolen data, thanks to our global economy, has no limits, and has only increased the potential for unfair business competition. Information has become a commodity, with a hefty price tag, and a growing market of hackers. What is the solution? How to stay on the top of the game?
Join us! Listen, Ask and Stay Protected!
Your Premium Speaker Panel:
Rik, VP Security Research at Trend Micro, is one of the leading experts in information security. With over eighteen years experience in information security, Rik has been with Trend Micro since 2007.He is an advisor to the EU Safer Internet Forum, The Information Security Alliance EURIM, a project leader with Europol and the International Cyber Security Prevention Alliance (ICSPA), a director of Get Safe Online, Vice Chair of the Centre for Strategic Cyberspace & Security Science and advisor to various UK government technology forums. In April 2011 Rik was inducted into the Infosecurity Hall of Fame.
Graham Welch is Managing Director of EMEA operations for Sourcefire, Inc. (Nasdaq: FIRE), the creator of Snort® and a global leader in intelligent cybersecurity solutions. In this position he is responsible for corporate operations across the region, including sales, business development and strategic marketing activities. Bringing 17 years of experience managing European sales operations for U.S.-based security companies, Welch joined the company in April 2003 as European sales manager and the company’s first international employee. Before joining Sourcefire, Welch was area vice president for UK, Ireland, France and Benelux at RSA Security, where he was responsible for a significant portion of RSA’s EMEA revenues. While at RSA Security, he built the UK business from $5 million per annum to more than $25 million in just five years. Previously, Welch held major account sales and channel positions at technology manufacturer Tektronix Inc. and UK distributor Golden Gate. Widely recognized for his knowledge of the security industry, Welch is a regular speaker at industry conferences and has contributed articles to IT and security publications across the European media. Welch graduated with a B.S.C. Honours in Electrical and Electronic Engineering from the University of Plymouth.
Alexander‘s career is built based on international experience, working in multinational companies and international environments. He has been able to adapt quickly and efficiently to all new working environments, considering also, but not limited to cultural differences.
Out of the 7+ year experience in the Information Security field, four of them represent his latest professional success as Information Security Manager within OMV Group, the Oil & Gas industry’s market leader in Central and Eastern Europe. From the most relevant topics he handled during this period, he could nominate the implementation of Information Risk Management Program, Information Security Management System (ISMS), development, documentation and maintenance of Information Security Standards, presentation of Information Security education, awareness and training activities for users, Business Impact Analysis, IT Risk Assessments, Gap analysis & mitigation activities, Disaster Recovery and Business Continuity Planning, Readiness exercises in order to obtain ISO 27001 and PCI DSS certifications, Penetration testing activities … The three words which describe Alex best are vision, enthusiasm and initiative.
Mohammed Aldoub is a Computer Engineer and Information Security specialist from Kuwait, he worked at developing various security and cryptographic systems for the government of Kuwait, he volunteers at OWASP, where he is Kuwait's chapter leader, and also volunteers at the Tor Project, the Guardian Project and others. He works as secure systems engineer in the government and as an independent Security Consultant.
Mr. Johan Rambi is Alliance Manager Privacy & Security at Alliander in the Netherlands and supports the organization with the development of Smart Meter/Grid Cyber Security as a subject matter expert. Furthermore, Johan is chairman of the Dutch DSO Policy Committee Privacy & Security from Netbeheer Netherland, who developed the Dutch Privacy & Security sector requirements for Advanced Metering Infrastructure. In Europe Johan is active in several EC expert groups and standardization committees on Smart Meter Privacy & Security / Smart Grid Cyber Security. Johan is a known speaker at several conferences on SCADA and Smart Grid Cyber Security. Before Johan joined Alliander, he worked as security architect and consultant at different organizations for the last 15 years.
Marek has got many years of experience in penetration testing, including banking systems and electronic banking in several Polish banks and financial institutions. Currently he is testing internal system in The Royal Bank of Scotland. He holds the OSCP and OSCE certificate from Offensive Security. He is OWASP Poland Board Member. He graduated the Faculty of Electronics and Information Technology on Warsaw University of Technology.
Having worked in information security for more than 10 years, Joerg started his career with a startup technology consulting company based in Germany, followed by a journey through the IT landscape including writing code for high-speed multi-gigabit packet switches. Before joining Barclays Bank PLC in 2008 as the Attack Monitoring Manager for the global Intrusion Detection Programme he was the CSO of infoServe GmbH, a Internet Service Provider offering creative solutions around managed security services and customised gateway developments. Currently, as the Group Director for Attack Monitoring, his team is developing new and creative solutions to stay ahead of potential attackers to protect Barclays' customers by combining off the shelf products with custom developed capabilities. Joerg is actively involved in malware and botnet research, working with different groups to better understand the cyber threat landscape as it evolves over time.
In March 2003, Jan took on the position as Head of Group Security in SEB, which is a leading North European business bank with approximately 20,000 employees and current operations in some 20 countries. Prior to this, he was Head of Security at the Swedish telecom operator Tele2. He has also been working as a security analyst for Sweden Post. Jan has a background in the Swedish Security Service and as a police officer at the Stockholm County Police.
Jan Persson has a broad experience in the security area with a special focus on fraud prevention and risk management for foreign investors in the Baltics and the former Soviet Union. He holds a Masters Degree in Estonian and Economics. He is also a board member of the International Banking Security Association (IBSA).
In 2008 Jan was awarded the annual security grant from the Swedish Confederation of Enterprise.
As the global head of Security Operations for one of the Netherland's largest banks, Jethro Cornelissen is responsible for providing strategic Security Operations solutions and services to the Rabobank International Wholesale, International Retail and Rural Business. He oversees the teams to ensure these global solutions are delivered in a well-controlled, timely and cost effective manner. He has extensive experience in IT risk, Security management and Security Intelligence. Prior to joining Rabobank International, Cornelissen held senior IT and security positions at HBOS Plc. (Lloyds Banking Group), Clerical Medical Financial Services B.V., Vodafone and ABN AMRO Bank N.V. Asset Management.
After Dr. Christian Reiser started in fault tolerant real time computersystems he became expert in information security and works in that areafor about 20 years with special focus on organizational and human aspects. Besides his main profession as security specialist for Erste Group BankAG he is Lector at an University for Applied Science (Fachhochschule)and gives specialized trainings from time to time.
Philipp Schaumann has been working „in the IT“for more than 30 years. In the last 20 years he was concentrating mainly on the security aspects. He is very much interested in the organisational and human / psychological aspects of information security that are quite often neglected and that cause so many security problems. Philipp is working as security specialist for the Erste Group Bank AG in Vienna and privately maintains a large German language security website:http://sicherheitskultur.at/
Pierre Chassigneux, 49, is Chief Risk and Audit Officer at Cartes Bancaires, one of the largest Card Payment Scheme in Europe. He holds degrees in Information Systems Security and National Defense studdies. He started his career as an engineer in the French Defense Ministry and after in the French Information Systems Security Agency. He then joined Gemplus as the manager of e-signature Department and later took his present position at Cartes Bancaires in 2001.
Mr. Josef Šedivý is Information Security Officer at ?SOB. His main role is to implement and keep alive the security governance and management framework for information risk in the company, define the policies and procedures in the information security area and actively advise the business in taking effective business desicions with regard to the information risk. Josef has over 9 years experience in the information security and risk management areas. Before joining ?SOB Josef worked with Deloitte as Senior Information Security Consultant. Josef is member of ISACA and (ISC)2.
Giuseppe Abbamonte is Italian qualified lawyer ("avvocato") and has been working as a Commission official since June 1992. Before joining the Commission he was an associate in the law firm Allen & Overy in Milan for four years (1989/1992). In the Commission he has worked in five DGs (TREN, COMP, SANCO, JLS and INFSO). During the first five years (1992/1997) in TREN, he was responsible for State aid control in the air transport sector (e.g. Air France, TAP and Aer Lingus). In 1997 he joined COMP as the State aid expert and for one year he was responsible for some complex State aid cases in the French postal sector.
In 1998 he joined the Merger Task Force. For four years worked as desk officer on numerous prominent mergers and acquisitions, became expert in digital media markets, particularly those involving online distribution of audio-visual content, e.g. AOL/Time Warner and in EMI/Time Warner, Telia/Telenor: the merger of the main Swedish and Norwegian telephone and TV operators.
In 2001 he moved to SANCO as Deputy Head of a Legal Unit, responsible for most EU consumer laws and became Head of the Unit in 2005 with promotion to AD13 in 2008. He was involved in EU policy making and the impact assessment culture, bringing old regulatory framework up to date with market developments, particularly on-line. Producing good legislation, which is principle based and technologically neutral has been a major challenge. His main legislative files were the Unfair Commercial Practices Directive.As a result of the reorganisation of the Barroso II Commission, his unit was moved to JLS where he was responsible, in addition to consumer law, for developing general European contract law.
From January 2011 he was the Head of the Electronic Communications Policy Development Unit in INFSO. His main files include on-line privacy, universal service obligations, net neutrality and the CEO Roundtable on the sustainability of the Internet ecosystem and the broadband investment framework.
From the first of July 2012 he acts as the Head of the Trust and Security Unit, in the new DG CONNECT department (former INFSO).
Giuseppe is an author of several publications mainly in English law magazines and is a member of the Advisory Board of the Centre of Competition Policy of the University of East Anglia.
Ricardo joined the Zurich group in July 2010 as responsible for Risk Management, Information Security and Compliance for the General Insurance IT center in Barcelona. Since joining he has been mainly concerned about embedding into the organization the early identification and mitigation of risk issues, building confidence with stakeholders that risk management is effective; delivering a consistent approach to IT Risk and Security; and promoting a culture of integrity, ethics and compliance. Before joining Zurich he worked at Arthur Andersen, Ernst&Young and Adecco, and has been servicing organizations in America, Europe and Asia-Pacific. He has a degree in Information Science and is Certified in the Governance of Enterprise IT; and Certified in Risk and Information Systems Control by ISACA.
Dr Panagiotis Trimintzios is managing the area of Cyber Crisis Exercises and Cooperation within the Information Security and Data Protection Unit at the European Network and Information Security Agency (ENISA), where he works since 2005. He was the director of Cyber Europe 2010, the first pan European large scale cyber exercise, Cyber Atlantic 2011, the first EU-US cyber exercise, Cyber Europe 2012, the second pan European exercise with over 500 participants. His other projects in the area of cyber crisis cooperation and management include studies on National Cyber Contingency Plans, National Risk Assessment, pan European Cooperation Operational Procedures etc. In the past he managed studies on Resilience Metrics, Resilience of the Internet Interconnection Ecosystem (Inter-X). For many years he was the Editor-in-Chief of ENISA’s Quarterly Review. Dr Trimintzios holds a BSc on Computer Science, an MSc on Computer Networks and Telecommunications, a PhD on IP Networks Management, while prior ENISA for many years worked as a researcher managing European and nationally funded projects in his areas of expertise. He has published over 60 papers in scientific journals, magazines, and international conferences.
Mahmoud Yassin, Lead Information Security Engineer at the National Bank of Abu Dhabi is manager of the Command Center Team for System & Security Monitoring, responsible for Security Operation Assurance.
Amongst his professional networking groups are the (ISC)² UAE Chapterand holding chair of chapter president elected and hired by ISC2 board members , Mahmoud initiated the chapter in UAE
membership of the ISACA COBIT 5 review member group and he has had articles published with InfoSec Island a reputable group for information security community.
Many published articles in ISACA like mobile Security , BYOD hacking 9 magazine
Mahmoud has contributed to several Information Security related events in the UAE and he is member of various security groups as the UAE AAA, ISACA, (ISC)² and the Identity Management Institute just to name a few.
He has 16 years of experience in the Infrastructure Field, having worked over 10 years as Infrastructure Security Architect for multinational organizations such as Microsoft and Fujitsu.
Mahmoud owns a BSE from the University of Cairo and a Master’s degree in Information Security from the University of Fairfax.
During his extensive career Mahmoud has obtained professional certificates such as CISSP, CISA, CRISC, PMP, COBIT, ITIL, MCSE.
Coen Bongers is Risk & Control Officer for the Platform Security at Philips, is MCSE, CISSP and CISA certified and studied Technical Computer Science in Arnhem, the Netherlands. He started his career in 1987 and worked in many fields within the IT industry, such as IT support, firewall management and consultancy. For several years Coen worked for the Dutch Defense Department as Military Police Officer and Firearms Instructor. Because of this background he was later asked to join the Philips Security team during days of LovGate, Nimda and CodeRed. Within Philips, Coen worked as IT Risk assessor, Security analyst and CSIRT Team Lead. He has been involved in response to many severe incidents. Currently Coen is performing web application security testing, IT risk assessments and security incident response support. He works closely with the CIS Office, security architects and external organizations such as the Dutch NCSC.
Mustafa KOMUT graduated from Kings College,University of London . He is a Computer Engineer (B.Sc,M.Sc) , worked in Banking Industry for several years.He managed IT operations at several banks located in Turkey. He is a Security and Audit Professional. Now he works at Vodafone Turkey as a Business Continuity Senior Manager . Main domain of his special interest, and professional work he already performed as .
- BC & DR (Business Continuity and Disaster Recovery)
- Crisis Management
- Emergency Management
- ISO 27001 -ISMS
- BS 25999 –BCMS
- COBIT
- GRC (Governance Risk and Compliance ) & IT Governance
- PCI
- E?signature & Mobile Signature
- CPN (Converged Packed Network)
- Network monitoring?Alert Monitoring (Level1&2 Support)
- Performance Measurement of IP network
- Identification of root cause events
- PKI
- Encyrption
He writes several articles, and journals. He is also a member of ISACA,IEEE, and Vice President of ISSA Turkey Chapter
Specialities
CISA,ISO 9001 LA,COBIT,ISO 27001,BS 2
Conference Sponsors
Gold Sponsor
 |
General Dynamics Fidelis Cybersecurity Solutions provides organizations with a robust, comprehensive portfolio of products, services, and expertise to combat today's sophisticated advanced threats and prevent data breaches. Our commercial enterprise and government customers around the globe can face advanced threats with confidence through use of our Network Defense and Forensics Services, delivered by an elite team of security professionals with decades of hands-on experience, and our award-winning Fidelis XPS™ Advanced Threat Defense Products , which provide visibility and control over the entire threat life cycle. |
Silver Sponsor
 |
Sourcefire, Inc. (Nasdaq:FIRE), a world leader in intelligent cybersecurity solutions, is transforming the way global mid- to large-size organizations and government agencies manage and minimize network security risks. With solutions from a next-generation network security platform to advanced malware protection, Sourcefire provides customers with Agile Security TM that is as dynamic as the real world it protects and the attackers against which it defends. Trusted for more than 10 years, Sourcefire has been consistently recognized for its innovation and industry leadership with numerous patents, world-class research, and award-winning technology. Today, the name Sourcefire has grown synonymous with innovation, security intelligence and agile end-to-end security protection. |
 |
Trend Micro Incorporated, the global cloud security leader, creates a world safe for exchanging digital information with its Internet content security and threat management solutions for businesses and consumers. A pioneer in server security with over 20 years’ experience, we deliver top-ranked client, server and cloud-based security that fits our customers’ and partners’ needs, stops new threats faster, and protects data in physical, virtualized and cloud environments. Powered by the industry-leading Trend Micro™ Smart Protection Network™ global threat intelligence data mining framework, our products and services stop threats where they emerge – from the Internet. They are supported by 1,000+ threat intelligence experts around the globe. |
Bronze Sponsor
 |
Kaspersky Lab is one of the fastest growing IT security vendors worldwide. Today it is firmly positioned as one of the world’s top four leading antivirus vendors. Today it’s the world’s largest privately held vendor of endpoint protection solutions. |
Collaborative Partner
 |
The primary goal of the ISSA is to promote management practices that will ensure the confidentiality, integrity, and availability of information resources. The ISSA facilitates interaction and education to create a more successful environment for global information systems security and for the professionals involved. Members include practitioners at all levels of the security field in a broad range of industries such as communications, education, healthcare, manufacturing, financial, and government. |
Media Partners
Gold Media Partner
 |
Digital Forensics Magazine: Dedicated to all aspects of Digital Forensics with the quality and feel of a peer-reviewed journal yet the layout and features of a magazine. Packed full of feature articles plus sections on Legal, From the Lab, All things Apple, Interviews, Expert Comment, Competitions and much more. |
Silver Media Partner
 |
Global Security Mag is a Logical & Physical IT Security Magazine circulated to 5.000 decision makers, typically CSO. Global Security Mag is a quarterly magazine & website in French & English. It has daily global information in English French at www.globalsecuritymag.com & www.globalsecuritymag.fr and in newsletters. On the 4th April 2013 we have organized the 4th annual GS-DAYS, the francophone Security days conferene in French on Ethical hacking www.gsdays.fr. Contact: SIMP, 17, av. Marcelin Berthelot, 92320 Chatillion Tel.: 01 40 92 05 55 - Fax.: 01 46 56 20 91 - e-mail: ipsimp@free.fr or marc.jacob@globalsecuritymag.com |
 |
Computer Weekly is the leading provider of news, analysis, opinion, information and services for the UK IT community, and an advocate for UK IT professionals and the role of technology in improving organisations in all sectors of business and public life. On the web, on mobile and through face-to-face events, Computer Weekly aims to help senior IT professionals to:
|
 |
Data Center POST offers timely, relevant information to IT and data center managers. Our daily posts are contributed by senior IT and business executives, and other industry experts. Data Center Post works hard to get the most current information to add relevance to today’s successful data center. We're a knowledge base, a news portal, and a beacon for today's data center and IT manager. |
 |
Hakin9 is a digital magazine devoted to IT security. It covers techniques of breaking into computer systems, defence and protection methods, tools and latest trends in IT Security. Every month Hakin9 publishes 4 magazines: Hakin9, Hakin9 Extra, Exploiting Software Hakin9 and Hakin9 on Demand. All articles are highly technical and written by high class specialists with long years of experience. They are useful for everyone interested in securing and hacking and they are suitable for professionals. |
 |
it events is the largest source of tech events, conferences, trade shows, seminars and training programs provided by global corporations as well as specialized training centers and organizers around the world. |
 |
The Mind Commerce® mission is to provide customized research, consulting, training, and writing servicesfor the telecommunications and IT industry within our areas of expertise. Mind Commerce clients include manufacturers, developers, service providers, industry organizations, and government. Mind Commerce partners include various leading firms in the telecommunications industry. Mind Commerce differentiates itself from its competition by meeting the unique needs of its clients through customized product development and service delivery. |
 |
IT-DIRECTOR is designed as a business magazine and reports on economical solutions resulting from the usage of modern information and communication technologies. It adresses Chief Information and Process Officers as well as members of the board in upper medium-sized companies and large firms and groups. Its focus lies on cost-benefit analyses and the future prospects of IT investments, so that it is also read by opinion leaders such as consultants and analysts. Due to its high-value presentation, its excellent reports and its area-wide distribution, IT-DIRECTOR plays a significant role among German IT magazines in executive floors and IT-departments. |
 |
The Bavarian IT Security Cluster is an affiliation of IT companies, businesses which themselves use security technology, universities, institutes of further education and law firms. The cluster was officially founded in 2006.
The principal aim of the cluster is to increase the competitiveness and market potential of its member companies. To achieve this goal, we initiate and promote cooperation; further the development of IT security research and training; launch and mentor new companies and provide information about security risks and their technical and organisational solutions. Through the pooling and effective presentation of its IT security expertise, the Bavarian IT Security Cluster raises its members’ market profile. |
 |
Bluekaizen is an online portal offering free knowledge in the Information Security field. Its main target is to raise the level of Information Security knowledge and awareness in society; we started on July 2010 by gathering experts in Information Security Field, promoting the idea of sharing information and knowledge is our way, as we believe that every one of us has some knowledge to share. |
 |
Digital Forensics Magazine is a quarterly features and news magazine from the world of computer and cyber crime and digital forensics. The content published in the magazine is all technically reviewed and carries a certain weight of quality that other trade magazines or webzines don't offer. Digital Forensics Magazine regularly features articles and news from any of the following topic areas: Cyber terrorism, Law from the UK and rest of the world, Management issues, Investigation technologies and procedures, Tools and techniques, hardware, software and network forensics, Mobile devices, Training, eDiscovery,Book/product reviews. |
 |
HPCwire is the #1 news and information portal covering the fastest computers in the world and the people who run them. With a legacy dating back to 1986, HPCwire continues to be the publication of choice globally by business and technology professionals from academia, government, science, and industry who are interested in high performance and computationally intensive computing. For topics ranging from the latest developments in systems, software, tools and applications, to middleware, networking and storage technologies, HPCwire delivers it all and remains the HPC communities’ most reliable and trusted resource. Don't miss a thing - subscribe now to HPCwire's weekly newsletter recapping the previous week's HPC news, analysis and information at: www.hpcwire.com. |
 |
The objective of "ISSA Poland - Association for the Safety of Information Systems," is to promote knowledge of information security, policies and practices that ensure the confidentiality, integrity, availability of information resources, and the promotion and development of its members by enhancing their professional skills related to the protection of information systems, in particular by:
|
Bronze Media Partner
| ISSA |
ISSA, the Information Systems Security Association, Developing and Connecting Cyber security Leaders Globally. The community of choice for international cyber security professionals dedicated to advancing individual growth, managing technology risk and protecting critical information and infrastructure. ISSA provides educational forums, publications, and peer interaction opportunities that enhance the knowledge and skills of its members. Visit one of ISSA 150+ local chapters today. |
 |
TelcoProfessionals is an interactive, content rich, blog- and video-centric online community and business exchange developed exclusively for the Telecom and Media industry. We are dedicated to individuals working in the industry globally, as a place they can find and help each other get ahead. To enhance your professional profile and network for future business opportunities, or to visit our jobs portal, join us today on www.telcoprofessionals.com. |
 |
TeleTrusT - IT Security Association Germanyis a competence network for IT security comprising members from industry, administration, research as well as national and international partner organizations. TeleTrusT provides interdisciplinary fora for IT security experts and facilitates information exchange between vendors, users and authorities and comments on technical and political and legal issues related to IT security. |
 |
Virus Bulletin is an online security information portal and certification body, providing users with independent intelligence about the latest developments in the anti-malware and anti-spam fields, as well as conducting bimonthly certifications of anti-malware and anti-spam products. The annual Virus Bulletin conference is cited by many as 'the' anti-malware event of the year. |
 |
BPMGeek is a fast growing community of BPM Professionals, Providers and Products which has lots of BPM Related Articles, Tutorials, Templates, Free BPM cloud installs, Case Studies, Code Samples. Several Product vendors show case their success stories and offerings through the portal. |
 |
ContingencyToday.com covers all significant threats to the Critical National Infrastructure, including electronic attack and the sophisticated misuse of computer systems; physical attacks by terrorist organisations and other criminals; the effects of climate change; and other natural disasters, including pandemics, fire and flood. Main Editorial Focus:Bio-terrorism defence; Business resilience and continuity planning; CBRN; Critical National Infrastructure; Emergency response and disaster recovery; Identity authentication; International bio-terrorism defence; IT security; Pandemic, fire and natural disaster prevention, Transportation (air, ground, sea) and border securityRegister for FREE Subscription and Complimentary Newsletter:
(UK only) – Click here (Outside UK) - Click here
|
 |
SecuriTeam is dedicated to bringing you the latest news and utilities in computer security. Having experience as Security Specialists, Programmers and System Administrators we appreciate your need for a "Security Portal" - A central Security web site containing all the newest security information from various mailing lists, hacker channels and our own tools and knowledge. |
 |
DevelopingTelecoms.com focuses on communications developments and solutions in emerging markets in Africa, Asia, Central & Eastern Europe, Latin America and the Middle East. With over 10,500 website visitors per month and 15,000 e-newsletter subscribers, we keep senior executives in the communications ecosystem informed about their business. In addition to daily news updates and features DevelopingTelecoms.com carries case studies, white papers, interviews, video and banner advertising for leading companies. Follow us on twitter, RSS and sign up to our e-newsletter at www.developingtelecoms.com. |
 |
The Smart Sense, www.thesmartsense.com, is a dedicated news platform that published news, articles and interviews regarding “smart technologies”. With smart card, mobile, identification and contactless technologies concerning payments anchored as our forte, our readers and contributors include industry high profiles (C‐Level Executives), market movers, decision makers, associations and end‐users that shape the industry. Like the sixth sense, come and experience the smart technology industry in a whole new way! Contact us at info@thesmartsense.com |
|
|
To become a Media Partner click here.
Andel's Hotel Prague
 |
Stroupeznickeho 21 Prague 15000 Czech Republic |
With sweeping views of the beach, the Andel's Hotel & Suites Prague offers air-conditioned rooms with free Wi-Fi access. The hotel offers a day spa and trendy and modern rooms with a kitchenette, extra long beds and a mini bar.
Guests staying at the Andel's Hotel & Suites Prague can take part in a variety of on-site recreational activities, including walking. Relaxation facilities at the hotel include a Turkish steam bath, a steam room and a sauna. Staff are available 24 hours to reserve tickets and excursions, or recommend the best local restaurants and bars.
Every chic room at the Andel's Hotel & Suites Prague has a safe, a TV and cable / satellite channels. The rooms are decorated with brown, yellow and red tones and have king-size beds. The bathrooms provide complimentary toiletries and a shower.
With a large setting, the Andel's Hotel & Suites Prague's on-site bar offers a choice of premium drinks. Guests can also enjoy a meal in the hotel's restaurant, and room service is provided during limited hours. The hotel also serves a daily breakfast.
Set in Prague 5, the Andel's Hotel & Suites Prague is surrounded by a wealth of shopping, nightlife, and restaurants making it the perfect base for your next trip. Indoor parking is available for drivers, or an airport shuttle service can be requested.
Prague. The City of a Hundred Spires, the Golden City, the Mother of Cities and the Heart of Europe.
It is no exaggeration to call Prague one of the most attractive places on earth. Few cities possess such atmosphere and history, such magnificent art and architectural mastery. Prague is the capital city of the Czech Republic and has become one of the most popular city breaks in Europe. Prague is also an exciting city that offers a mix of art, music, dance, film and theatre. This gem of original European architecture is a beautiful and romantic city with breathtaking views, quiet gardens, rides on riverboats and relaxing strolls along narrow cobblestone lanes. Even with its history dating back more than a thousand years, the Czech capital is still a thriving modern city with luxury hotels, excellent restaurants offering traditional Czech and international cuisine, trendy clubs and enchanting pubs.
Prague Attractions
The city of Prague has only been open to tourists for a relatively short amount of time, but still has plenty to offer in terms of sightseeing as there is something new with almost every turn.
| Old Town Square – One of the most visited attractions in all of Prague is the Astronomical Clocklocated in the Old Town Hall. The clock is actually located at the end of a row of houses that have been standing for the last several hundred years. In fact, work first began on the entire structure all the way back in 1338. |  |
| Charles Bridge – Probably every visitor of Prague must see Charles Bridge. Best time to experience walling, strolling over bridge it’s at dawn, although a romantic walk through the impressively lit streets of Prague by night is nice too. 30 statues that line that bridge, view over Prague Caste and river makes it unforgettable experience. |  |
| Prague Castle – No matter how many times you’ve been to Prague Castle, there is always some new detail that jumps out at you. A questionable legend says that alchemists lived in those cute little houses on Golden Lane; what’s more certain is that goldsmiths and later Franz Kafka were residents. |  |
|
A city on a river – Undulating topography gives Prague its inimitable beauty and its stunning panoramic views. Prague’s many hills provide some stunning vistas. The River Vltava flows through Prague for 31km and created some interesting places in Prague – islands and meanders, providing many idyllic scenes. |
 |
| |
Reflection to the 2012 Cyber Security Summit
Please find below an event summary for the 2012 Cyber Security Summit:
Robert M. Lee, USAF Cyberspace Officer, AFISRA
The European Business Conferences Group (EBCG) hosted its 2nd Annual Cyber Security Summit in Prague, Czech Republic on April 11th.
The two day conference was targeted at industry and business leaders from various sectors in an attempt to bring people together, especially here in Europe, to learn about cyber security issues.
The write up below is an overview of my experience at the conference and a summary of a few of the presentations I enjoyed.
Tom Brennan, Director at SpiderLabs, opened the conference with his presentation on vulnerability researching and what the focus should be as security professionals. He had some good insight into various security risks and vulnerability tactics; many of the vulnerabilities he mentioned were admittedly vulnerabilities the industry has been facing for years.
Cross site scripting, SQL injections, and spear phishing attacks are the bread and butter of vulnerabilities that companies still are not protecting properly against. However, he noted that some of these vulnerabilities can be the hardest things to defend properly against .
Tom had a thought provoking statement about planned obsolescence in the security industry and how the industry may be approaching things from the wrong angle altogether. This made me think about whether or not customers are being forceful enough in demanding quality products while giving good enough feedback to the providers.
Krisztian Piller presented on Information Systems Risk Management at the European Central Bank and what their best practices were. The highlight of his talk was the Anonymous DoS on their bank and the lessons learned from that experience.
One of the main takeaways though was that while security experts know certain things are a risk and feel that aspects should not be accepted, it is management that understands the full scope of what can and cannot be accepted in the company’s risk model. The idea was to prioritize risk and bring expertise to the table but allow management to make the right decisions and for security staff to support them in doing so.
What I took from the talk was the level of financial loss the European Central Bank will allow before considering something a “high” threat. Less than 1k Euro stolen is a low threat; 100k-500k Euro stolen is only a medium threat. That says a lot about the type of threats that they face and what level these incidents actually reach.
Thomas Hemker presented from Symantec and presented the idea that the security community has put a focus in the “wrong place.” He has seen a rise from 785k samples of malware a day in 2010 to over 1.8 million gathered per day currently.
His thesis was that signature based detection does not work anymore and that drive by downloads and unique hashes of adapting malware are making it increasingly hard to defend systems properly. It was his worry that one of the biggest vulnerabilities is mobile platform based malware; Android has the largest share of mobile malware.
The breakdown of malware infected devices was 19% US, 16% China, 5% Germany, followed by the remaining countries with a few percent each.
An interesting statistic was that 1 out of every 7 images and links on Facebook are infected with malicious code or redirects to malicious websites. His closing statement was that a focus on intelligence gathering and correlation in the various industries will be the only way to cause real security changes.
Mika Rintamaki works at If P&C Insurance and described the DDoS attack the company faced from the Allaple worm. His company has over 4 million customers and is very dependent on IT systems; a DoS for them stops their ability to process claims and handle requests from customers.
The attack was initiated on 22 Jun 2006 and the worm did not have a command and control server, once launched it could not be turned off. The interesting aspect of the presentation is that the way they handled the DDoS was by filtering/rejecting malicious packets which they could identify by an extra space the worm included in the Get/ HTTP 1.1 request.
By noticing this small change they were able to defend themselves against the DoS (which had been initiated by a disgruntled customer who was later arrested). Mika stressed the real lesson is the need to develop processes and readiness for such an attack before ever being faced with it.
To start off the second day Tom Brennan presented again on Trustwave Spiderlabs and their global security report. He broke down the 62 page report pointing out a lot of their findings conducted from over 2,000 manual penetration tests and 2 million network and application vulnerability scans.
Tom pointed out that 42.1% of malware types seen were Memory Parsers followed by 13.2% being keyloggers, 13.2% representing application specific attacks, and 2.6% of cases using rootkits.
A lot of the material at the conference seemed like common knowledge to security professionals but the use of specific data, like in Tom’s presentation, really drove the material home to the attendees that were from a non-security background.
The next presentation I attended was by Michel Oosterhof who presented on Incident Response for RSA. From the RSA perspective, 65% of organizations they interact with do not feel they have sufficient resources to prevent an advanced threat. Of the organizations surveyed, 83% believe that they have already been the victim of an advanced threat.
These numbers were very interesting but the most interesting aspect to me was that 85% of the noted breaches took weeks or more to discover. Although breaches going unnoticed is not a new concept, it seems the industry is failing in attribution and detection more so than any other area.
Michel stressed that the anti-malware techniques such as signature based detection are failing; a common theme throughout the conference.
I presented after Michel on the Future of Nation-State Cyber Weapons. In my presentation I described some of the interesting aspects and common themes behind Stuxnet and Duqu as well as their connection to each other through the Tilded platform.
The Tilded platform, named by Kaspersky security experts, resembles nation-state made weaponry in a number of ways. Primarily, the platform based approach is one that nations have been moving towards in the more traditional domains of warfare including aerial platforms.
The focus is on efficiency and the ability to make timely changes through updating payloads and stealth measures just as you would find in the addition of various weapons or sensors on an aircraft. I also spoke a little about the possibility of a third weapon based on the Tilded platform and what we could probably expect to see in terms of style, lessons learned, and target.
Ultimately I believe that SCADA/ICS systems will continue to be a lucrative target for nation-states, if not the first target in a wartime scenario.
After my presentation, Johan Rambi spoke from Alliander on smart meter technology as it relates to critical infrastructure and the lessons learned from its implementation in the Netherlands. The talk was very interesting in that it highlighted that cyber threats could induce rolling blackouts, or worse, through the manipulation of the data on smart meters.
His key takeaway was that a need for an ongoing security process is critical. Inspection, penetration testing, evaluation, and corrections applied to systems must be an ongoing process and stringent enough to give adequate protection to these systems.
From my perspective, the conference was a good meeting location for business leaders to get together and share information and lessons learned from industries that do not usually interact. It was not the style of conference that one might find at BlackHat, DefCon, Hacker Halted, or other more technical conferences yet it represented a great step in educating business leaders.
Personally, I felt the most important aspect of the conference was the ability to network with people from a wide variety of sectors. Establishing new connections, sources of information, and building friendships open up avenues for much needed information sharing.
The real takeaway was that no matter the conference style or location the importance of the cyber community must be placed on education. The conference echoed sentiments that could be found at any information security conference but the unique group of participants that gathered in Prague made for an overall great experience.
 |
 |
Attendee breakdown
