Walk-in

Jaya Baloo, a preeminent cybersecurity authority, will guide the audience through the revolutionary world of Quantum Computing and its consequential impact on cybersecurity. "Spooky Action," a term coined by Albert Einstein, symbolizes quantum entanglement's mysterious interconnectedness, challenging our understanding of space and time. Jaya will explore how the emergence of quantum technologies threatens to dismantle current encryption standards, exposing the digital realm to unparalleled risks, while also highlighting the innovations in Quantum Cryptography and proactive strategies organizations can adopt to navigate the quantum evolution securely.

Uncover the hidden impact of ransomware attacks on mental health in organizations. Join our experienced psychologists as they draw from real-life stories to reveal effective strategies to reduce the psychological fallout of ransomware attacks, and shed light on the urgency of addressing mental well-being in the face of cyber incidents.
We utilize a three-phase approach: pre-incident preparation, mental impact support during incidents, and post-incident support. We describe key elements to create an environment that fosters mental health resilience and empowers people during ransomware attacks.

It is a reality of the 2020s that, even now, there are companies who struggle to build secure software. In this talk Tess will share observations and lessons learned while implementing AppSec at three different organisations.

Is it possible to trick a facial detection algorithm with... yarn? In this talk I will explore the possibilities and process of making a knitted garment to trick facial detection into seeing faces that aren't really there. This talk will go through how these algorithms work (at a high level), and then the process of making an image into a pattern, knitting it, and testing it. I will also talk about the surprising relationship between knitting and algorithms, and other, more practical, work that is being done in the space of tricking AIs.

In the current realities, automotive cybersecurity is mostly driven by compliance need, however, we are used to view compliance as some form of just ticking a box without considering the real implication of cyber security. But is it really everything that compliance stands for? Automotive cybersecurity is a good example that shows how vehicle manufacturers are required to take cyber security into account not only in the cars themselves but also integrate into all existing manufacturing processes. Regulators require from automotive industry to develop appropriate cyber security management system, perform threat and risk assessment, take control over their suppliers and of course perform penetration testing. In this talk we are going to focus on the study case of performing threat and risk assessment of the door system of a bus that seemed like a trivial task without any obvious cyber security threats. In reality we have identified around 50 potential cyber security threats some of them having direct impact on safety of the passengers. Those risks would have been missed and not addressed without the regulators requirements.

In an era where cybersecurity threats evolve at an unprecedented pace, organizations face an ever-growing challenge to protect their digital assets and sensitive data. Palo Alto Networks, a recognized leader in network security, is at the forefront of the battle against cyber threats, leveraging cutting-edge Artificial Intelligence (AI) technologies to fortify the digital defenses of businesses worldwide.

This presentation delves into the world of Palo Alto Networks' AI-powered security products, providing a comprehensive exploration of the transformative potential of AI in the realm of cybersecurity. Attendees will gain invaluable insights into how AI is being harnessed to enhance threat detection, response, and prevention, and how it is changing the landscape of cybersecurity operations.

Lunch

Lunch

In infosec we often stand before the option the go for either a behavior based measure to mitigate risks or choose a technical measure. In this talk I will argue that technical measures are preferable and why we need to reconsider our fear of them stimulating shadow IT.

When you're good at sport you don't just sport. You train specific muscles, specific moves, probably according to a personalized training schedule. Maybe you even have a coach. As a security expert, hacking may be your sport. But do you have a training schedule? Or a coach? It turns out we hardly practice specifically coding by pure practice but often just learn on the job although pure practice can be very effective. In this talk, we'll look at coding as a sport and check out how you can best train and live to bring out the best in yourself! Specifically I'll focus on python and exploit code.

Water distribution networks are a fundamental component of modern urban infrastructure, supplying clean water to consumers. However, these networks are increasingly vulnerable to cyber-attacks, posing significant risks to public health and safety. As technology advances and interconnected systems become prevalent, the potential for malicious actors to exploit vulnerabilities in water distribution networks grows exponentially. Therefore, robust cyber-attack detection mechanisms are essential for safeguarding this critical infrastructure. This presentation aims to explore the current landscape of cyber-attack detection methods in water distribution networks and highlight the challenges faced.

When we talk about tech stacks we usually think about big organizations running systems, but in the current day and age we too have a large digital footprint. In this talk we will go over mapping out our personal tech stack and start identifying any threats that could be useful to help prevent stalking and harassment, or at least be aware of the risks you encounter.

Creating a fitting Cyber Strategy can be a challenge for companies. Often this is done based on a standard or framework and adjusted due to new laws & regulations being introduced. Though this can be a good starting point to move in the right direction, these frameworks do not show you whether your strategy connects to your business objectives and strategic values.

Break

Break

The cyber security industry is fast paced as a result of two opposing forces attempting to outsmart each other: attackers search for new attack vectors to compromise their targets' infrastructure while defenders deploy technical measures and processes intended to stop attackers in their tracks. These opposing forces result with changes in TTPs used by adversaries to overcome newly-deployed technical defenses. These changes also reflect in red teaming engagements as red teamers adjust their workflows to circumvent the defenses. What are the most impactful technical changes that have induced changes in the adversary TTPs and how will this continue in the future?

In the interactive talk "We may have been hacked, and all we got was this lousy actor", participants will dive into a real-life hack scenario that blindsided an allegedly ‘super secure’ European organization. Can you unravel the attack ánd identify the actor who was behind it by analyzing the forensic evidence (if any..) and using threat intelligence techniques? Caution: Brace yourselves, as the term "AI" may make a buzzworthy appearance.

closing

Drinks and snacks!

Drinks and snacks!