• Like


Flash Player 9 (or above) is needed to view presentations.
We have detected that you do not have it on your computer. To install it, go here.

International Cyber Security 2012



Published in Technology , Business
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Be the first to comment
    Be the first to like this
No Downloads


Total Views
On SlideShare
From Embeds
Number of Embeds



Embeds 0

No embeds

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

    No notes for slide


  • 1. Media outlets covering the Cyber Series included: www.cyber-securityevent.com PRESENTS Focusing on security for networks critical to national security, Cyber Security will feature briefs from the finance, pharmaceutical, oil & gas and energy sectors 29 - 30 May, 2012 Hotel le Plaza, Brussels, Belgium Post-Conference Workshops, 31st May 2012Protecting national security assets fromthe evolving cyber threat Gain a holistic view of the evolving cyber threat facing national security assets with briefings from government, military Featured International Speakers Include: and elements of critical national infrastructure, including BP, Citibank, E.On Energie and GlaxoSmithKline Biologicals Martin Howard, Director Cyber Policy, GCHQ Ken Heap, Head of Global Intelligence, BRITISH Investigate the security challenges associated with the widespread PETROLEUM proliferation of mobile computing devices, and the implications James Gill, Cyber Intelligence Director, CITIBANK for both network and data security in your systems Daniel Labeau, Director of Information Technology, Understand the best methodologies for identifying weak points GLAXOSMITHKLINE BIOLOGICALS within your network security and how to rebut attacks that Stephen Gerhager, Head of Cyber Security, E.ON manage to get through in briefings from the US Army, US Air ENERGIE Force and Canadian Forces Lt Col Alex Tupper, Commanding Officer, Canadian Apply lessons from recent large scale cyber security exercises Force Network Operations Centre, CANADIAN – Germanys LUKEX 11 and ENISA’s US-EU Cyber Response ARMED FORCES tabletop – and learn how to construct similar exercises to test Michael Boyer, Director, RCERT Europe, US ARMY your own security measures Michael McCarthy, Director, Brigade Modernisation Learn about current international efforts to better coordinate Command, US ARMY information sharing and the response to cyber attacks in briefings Jerry Webb, Technical Director, Cyber Analysis from The European Commission, GCHQ and PWC Squadron, US AIR FORCE Norbert Reez, Federal Office for Civil Protection and Disaster Assistance, GERMAN FEDERALWorkshop A, 09.00-11.30 MINISTRY OF THE INTERIORChinese Cyber Warfare – Understanding And Steven Purser, Head of Technical and CompetenceDefending Against The Advanced Persistent Threat Department, ENISALed By: Lt Col (Rtd) Bill Hagestad, RED DRAGON RISING Confirmed Representative, Office of Internet, Information and Network Security, EU COMMISSION Tim Hind, Ex-Head of Intelligence at BARCLAYS BANK, Workshop B, 12:00-14:30 currently consultant with PWC Governance, Risk Management and Compliance For Thomas Parkhouse, Ex-member of the UK MoD Cyber Cloud Computing Plans and Policy Team, ATLANTIC COUNCIL Led By: Marlin Pohlman, Global Research Strategist, CLOUD SECURITY Geoff Harris, Director, INFORMATION SYSTEMS ALLIANCE SECURITY ASSOCIATION TEL: +44 (0)20 7368 9737 FAX: +44 (0)20 7368 9301 EMAIL: enquire@iqpc.co.uk
  • 2. Conference Day One - 29 May 201208.30 – 09.00 COFFEE & REGISTRATION09.00 – 09.10 Chairman’s Opening Remarks09.10 – 09.50 The Role of UK Government Communication Headquarters in Protecting National Information Networks and Countering Espionage • GCHQ’s role in countering the cyber threat in the UK and the changing emphasis after the strategic defence and security review • Notable trends identified over the past 12 months and counter measures • Collaborative efforts to mitigate the risk from malicious activity Martin Howard, Director Cyber Policy, GCHQ09.50 – 10.30 European Strategy For Cyber Security • The European Commission is planning to propose, in the 3rd quarter of 2012, a European Strategy for Internet Security • Such a strategy will be comprehensive and integrated with the overall policy objective to put in place a robust line of defence against cyber attacks and disruptions • The strategy will also develop the International aspects, as engagement and cooperation with International partners are essential to responding to today’s cyber security challenges Confirmed Representative, Office of Internet, Information and Network Security, EU COMMISSION10.30 – 11.00 COFFEE & NETWORKING11.00 – 11.40 Assessing the Security Implications of Introducing COTS Mobile Devices Into The Military • CONOPs behind utilising off the shelf smart phones and tablets for military operations and training • Dangers of using commercially available “known” code vs. proprietary software used on other military systems • Should these items be integrated with existing military networks, or used as standalone products to mitigate risk? Michael McCarthy, Director, Brigade Modernisation Command, US ARMY11.40 – 12.20 US Army Methodology and Tactics For Network Penetration Testing – Plugging The Gaps • How does intelligence feed into cyber security? Understanding the trinity between intelligence, operator and network security • Working with “Ethical Hackers” to train in incident handling and undertake penetration testing • Results from recent exercises, identified vulnerabilities, and methods for plugging the gap • Plans for future exercises going forward and conclusions Michael Boyer, Director, RCERT Europe, US ARMY12.20 – 13.20 NETWORKING LUNCH13.20 – 14.00 Assessing And Predicting Trends To Proactively Counter The Cyber Threat • Looking at trends behind cyber attacks: Where attacks are currently targeting, what they are looking for, and how they are doing so • Is it possible to move from a reactive approach to a more proactive approach? Predicting on the basis of trends and tweaking sensors • Identifying exactly what is to be defended and isolating “weak links” within the network • Mitigating the risk from social networking: Targeted cyber attacks and reduced operational security Jerry Webb, Technical Director, Cyber Analysis Squadron, US AIR FORCE14.00 – 14.40 The Canadian Forces Approach To Developing Effective Methodologies For Rebutting Cyber Attacks • Identifying the types of threat encountered by Canadian Force Network Operations Centre and what trends can be drawn from these • How have these trends informed and modified the standardised processes/methodology for dealing with breaches of security • Assessing what approach the Canadian Forces are taking to integrating tactical mobile devices (smart phones, tablets, laptops etc.) into the wider military network Lieutenant Colonel Alex Tupper, Commanding Officer, Canadian Force Network Operations Centre, CANADIAN ARMED FORCES14.40 – 15.10 COFFEE AND NETWORKING15.10 – 15.50 Understanding The Role Of Statecraft In The Cyber Domain • Cyber Statecraft: can a single approach cover cyber-crime, counter-espionage and deter use of cyberspace in warfare? • Diplomatic & alliance approaches: Practicalities of diplomatic and other responses to cyber attacks • Reassessing critical national infrastructure: What is of strategic importance to a nation in an information age Thomas Parkhouse, Ex-member of the UK MoD Cyber Plans and Policy Team, ATLANTIC COUNCIL15.50 – 16.30 The Importance Of Collaborative Efforts Between Public And Private Sector • Assessing the nature of the cyber threat: Is there a difference in the threats being faced by public and private organisations? • Identifying commonality in attack methods and promoting inter-agency, inter-company and international communication/feedback mechanisms • Limiting the threat posed to secure networks: Educating the end user and the dangers of social networking in targeted attacks Tim Hind, Ex-Head of Intelligence at Barclays Bank, currently consultant with PWC16:30 CHAIR’S CLOSE AND END OF DAY ONETel: +44 (0)(0) 207 368 9737 www.cyber-securityevent.com Email: enquire@iqpc.co.uk Tel: +44 207 368 9737 www.cyber-securityevent.com Email: defence@iqpc.co.uk
  • 3. Conference Day Two - 30 May 201208.30 – 09.00 COFFEE & REGISTRATION09.00 – 09.10 Chairman’s Recap09.10 – 09.50 Managing Threats Against Financial Networks: Can We Stay Ahead Of Evolving Attack Methods? • Challenges of protecting financial assets in a truly global, interconnected network • The need to share information between not only banks, but all facets of CNI to ensure the highest level of security • What patterns have been identified in attack methodologies that are influencing our security needs going forward? James Gill, Cyber Threat Director, CITIBANK09.50 – 10.30 Ensuring Information Security In A Regulated Industry: GlaxosmithKline Perspective • Understanding the difference of working within a regulated industry; Compliance format and information security requirements • Looking at “People” and “Process” rather than “Tools” – monitoring risk and taking ownership of training, monitoring and security culture • Monitoring internet-facing devices at the operational level and monitoring external threats • How are we looking to adapt for the future: bringing “uncontrolled” mobile devices into the network and managing the shift to cloud computing Daniel Labeau, Director of Information Technology, GLAXOSMITHKLINE BIOLOGICALS10.30 – 11.00 COFFEE & NETWORKING11.00 – 11.40 The Growing Cyber Threat To Energy Providers And The Implications of Smart Grid Technology • Understanding the vulnerabilities that smart grid technology brings to energy provision • Who might wish to attack the smart grid and what might they try and achieve through such actions (financial gain, physical manipulation of supply etc.)? • Where are hackers likely to target with such attacks and what can be done to prevent this from happening? • Avenues of research and potential IT solutions to improve smart grid security Stephan Gerhager, Cyber Security Manager, E.ON ENERGIE11.40 - 12.20 Understanding The Nature Of The Cyber Threat – Intelligence Assessment From An Oil And Gas Perspective • Strategic assessment of the major threats facing British Petroleum (and the wider oil/gas community at large) and what trends have been identified over the past 12 months • What are the perpetrators of these attacks looking to achieve and how this is influencing BP’s cyber security requirements? • Planned developments over the next year and how BP is looking to better integrate mobile devices into its networks Ken Heap, Global Head of Intelligence, BRITISH PETROLEUM12.20 – 13.20 NETWORKING LUNCH13.20 – 14.00 Preparing For Cyber Attack: Results Of Germany’s Recent LUKEX 11 Cyber Exercise • The concept behind LUKEX 11 and an explanation of the scenario: Areas that came under “attack”, players in the exercise and desired outcomes • Planning complexities: Plausible Scenario, gaining sufficient buy in from the private sector, and co-ordinating a 3,000 person exercise spread over 100 different institutes • Examining how the exercise unfolded and what lessons were learnt from the scenario Norbert Reez, Lead Planner LUKEX 11, Federal Office for Civil Protection and Disaster Assistance, GERMAN FEDERAL MINISTRY OF THE INTERIOR14.00 – 14.40 Cooperation In Securing Critical National Infrastructure • ENISA’s involvement in the pan-European and EU-US Cyber security exercises – lessons learned and way forward • Important developments in Security and Data Breach Notification regulation (Article 13a of the Telecommunications Framework Directive and Article 4 of the ePrivacy Directive). • Developments in the area of Privacy and trust. Dr. Steve Purser, Head of Technical and Competence Department, ENISA14.40 – 15.10 COFFEE AND NETWORKING15.10 – 15.50 Assessing The Issue of Trust in Cyber Security • Who do we trust the most - Government, cloud providers or penetration testers? • Questioning some of the issues of trust that governments, corporations & security professions have to rely upon • Examination of a real-life case study to expose some of the myths, beliefs and foundations of truth that we thought we could rely on • Questioning where cyber security is heading and what we can do to help shape its future direction Geoff Harris, Director, INFORMATION SYSTEMS SECURITY ASSOCIATION15.50 - 16.30 Security And Transparency In The Cloud: Entrusting Data To An External Provider • Analysis of the main security, governance and compliance implications of cloud computing and possible solutions to improve transparency, accountability and trust. • Ensuring established risk management practices, accountability mechanism, geographic and providers redundancy, effective incident man agement mechanisms, well defined SLAs, etc. • The impact of the use of cloud services on legal and regulatory compliance: entrusting security responsibilities to the cloud provider Daniele Catteddu, Managing Director, EMEA, CLOUD SECURITY ALLIANCE16.30 CHAIRS CLOSE AND END OF CONFERENCETel: +44 (0) 207 368 9737 www.cyber-securityevent.com Email: enquire@iqpc.co.uk Tel: +44 (0) 207 368 9737 www.cyber-securityevent.com Email: defence@iqpc.co.uk
  • 4. Post-conference Workshops - 31 May 2012Workshop A: 09.00-11.30Chinese Cyber Warfare – Understanding And Defending Against The Advanced Persistent ThreatLed By: Lt Col (Rtd) Bill Hagestad, RED DRAGON RISINGWith a myriad of examples over the past few years, cyber warfare has become firmly established as the 5th domain of war-fare. The development and proliferation of malware, viruses and Advanced Persistent Threat (APT) poses a significant threat for high-value networks such as those belonging to government, military and CNI organisations. To protect these targets it is vital to understand both the nature of the threat and the intention of the attack in order to develop a lasting, robust defence against cyber attack.This workshop will assess the cyber threat currently being deployed by China in order to better defend against the ad-vanced persistent threat. Emphasising defensive measures to be taken against the attack, the workshop will provide a run down of the People’s Republic of China’s cyber wafare capability, addressing the following points:1) Introduction to the People’s Republic of Cyber Warfare - Defining the Advanced Persistent Threat (APT)2) Interests & Intent of the People’s Liberation Army Informatization Campaign3) Defending against the APT of Chinese Informatization Campaigns - creating a defence-in-depth4) Achieving an enduring defensive capability against the Chinese Cyber APTWorkshop B: 12:00-14:30Governance, Risk Management and Compliance For Cloud ComputingLed By: Marlin Pohlman, Global Research Strategist, CLOUD SECURITY ALLIANCEAchieving Governance, Risk Management and Compliance (GRC) goals requires appropriate assessment criteria, relevant control objectives and timely access to necessary supporting data. Whether implementing private, public or hybrid clouds, the shift to compute as a service presents new challenges across the spectrum of GRC requirements. The Cloud Security Alliance GRC Stack provides a toolkit for enterprises, cloud providers, security solution providers, IT auditors and other key stakeholders to instrument and assess both private and public clouds against industry established best practices, standards and critical compliance requirements.The workshop will provide key insight into standards and techniques developed by the Cloud Security Alliance, including:• Cloud Audit – providing a common interface and namespace to allow cloud computing providers to automate Audit, Assertion Assessment and Assurance of (A6) of their infrastructure (IaaS), platform (PaaS), and application (SaaS) environments and allow authorized consumers of their services to do likewise. Delegates will gain an understanding of the technical foundation to improve transparency and trust in private and public clouds.• Cloud Controls Matrix - designed to provide fundamental security principles to guide cloud vendors and to assist prospective cloud customers in assessing the overall security risk of a cloud provider. As a framework, the CSA CCM provides delegates from across industries with the needed structure, detail and clarity relating to information security tailored to the cloud industry.• Consensus Assessments Initiative Questionnaire - available in spreadsheet format, and provides a set of questions a cloud consumer and cloud auditor may wish to ask of a cloud provider. It provides a series of “yes or no” control assertion questions which can then be tailored to suit each unique cloud customer’s evidentiary requirements.• Cloud Trust Protocol - the mechanism by which cloud service consumers ask for and receive information about the elements of transparency as applied to cloud service providers. The primary purpose of the CTP and the elements of transparency is to generate evidence-based confidence that everything that is claimed to be happening in the cloud is indeed happening as described and nothing else. Tel: +44 (0) 207 368 9737 www.cyber-securityevent.com Email: enquire@iqpc.co.uk
  • 5. 4 Reasons Why You Should Sponsor Cyber Security 2012ContingencyToday.com is dedicated to the 1. Raise your profile and position yourself as the global product leaderchallenges and opportunities provided by the broad to take advantage of major current and future internationalspectrum of critical infrastructure protection and investment programmescivilian homeland security. 2. Three full days of networking opportunities with key internationalMain Editorial Focus: Bio-terrorism defence; government, military and industry decision makers providing youBusiness resilience and continuity planning; CBRN; with unparalleled face-to-face time with potential new customers.Critical National Infrastructure; Emergency response and disaster recovery; Identity authentication ; 3. Tailor made sponsorship packages enabling you to competitivelyInternational bio-terrorism defence; IT security; position your brand and increase awareness of your productPandemic, fire and natural disaster prevention; or service to your target marketTransportation (air, ground, sea) and border security. 4. A strictly enforced end-user to vendor ratio, creating a more intimateRegister for FREE Subscription and environment for networking and knowledge sharingComplimentary Newsletter For further details, or to discuss which option is best for your(UK only) organisation, please call Simon Benns on +44 (0) 20 7368 9857 orwww.contingencytoday.com/subscription_free.php Email: sponsorship@iqpc.co.uk(Outside UK) freemagazine@contingencytoday.comABOUT DEFENCE IQTel: +44(0)207 368 9300 Email: newsletter@defenceiq.com Defence IQ is an authoritative news source for high quality and exclusive commentary and analysis on global defence and military-related topics. Sourcing interviews and insights directly from senior military and industry professionals on air defence, cyber warfare, armoured vehicles, naval defence, land defence and many more topics, Defence IQ is a unique multimedia platform to discuss and learn about the latest developments within the defence sector. So join over 45,000 defence professionals today to claim your exclusive video interviews, podcasts, articles and whitepapers that are updated on a daily basis at www.defenceiq.com - and all for free. Join the community: http://www.defenceiq.com/join.cfm MEDIA PARTNERS Tel: +44 (0)(0) 207 368 9737 www.cyber-securityevent.com Email: enquire@iqpc.co.uk Tel: +44 207 368 9737 www.cyber-securityevent.com Email: defence@iqpc.co.uk
  • 6. cyber security 2012 5 WAYS TO REGISTER29 - 30 May, 2012Hotel le Plaza, Brussels, Belgium Freephone: 0800 652 2363 or +44 (0)20 7368 9737Post-Conference Workshops, 31st May 2012 Fax: +44 (0)20 7368 9301To speed registration, please provide the priority code located on the mailing label or in the box below.my registration code is: PdFW Post: your booking form to IQPC Ltd. 129 Wilton Road,Please contact our database manager on +44(0) 207 368 9300 or at database@iqpc.co.uk quoting the registration code London SW1V 1JZabove to inform us of any changes or to remove your details. Online: www.cyber-securityevent.com Miltiary/Govt/Public Sector/CNI End Users** Package 4 BOOK & PAY BY BOOK & PAY BY Standard Price Email: defence@iqpc.co.uk March 30th 2012* April 27th 2012* Conference + 2 Workshops €1,157+VAT €1,297+VAT €1,397+VAT Conference + 1 Workshop*** €948+VAT €1,148+VAT €1,198+VAT TEAm dISCOunTS* Conference only €599+VAT €699+VAT €799+VAT IQPC recognises the value of learning in teams. Groups of 3 or more booking at the same time from the same company receive a 10% Standard Industry discount. 5 or more receive a 15% discount. 7 receive a 20% discount. Package 4 BOOK & PAY BY BOOK & PAY BY Standard Price Only one discount available per person. March 30th 2012* April 27th 2012* Conference + 2 Workshops €2,997+VAT €3,097+VAT €3,297+VAT VEnuE & ACCOmmOdATIOn Conference + 1 Workshop*** €2,348+VAT €2,448+VAT €2,598+VAT VEnuE: Conference only €1,699+VAT €1,799+VAT €1,899+VAT HOTEL LE PLAZA - BOULEVARD ADOLPHE MAXLAAN, 118-126* To qualify for discounts, payment must be received with booking by the registration deadline. Early booking discounts are not valid in conjunction 1000 BRUXELLESwith any other offer. Belgium VAT charges at 21%. VAT registration number BE 081 7979 521 E-mail : reservations@leplaza.be Tel : +32 2 278 01 00 Fax : +32 2**Military & Government discounted rates apply to serving military officers, government and university personnel only. 278 01 01Website: www.leplaza-brussels.be/uk/index.php*** Please select your choice of workshop A 6 B 6***General/Flag officer 1* and above may attend the conference free of charge Please contact defence@iqpc.co.uk for further details. This ACCOmmOdATIOn:offer cannot be combined with any other offer and is non-transferable. Accommodation: Travel and accommodation is not included in the regis- tration fee. However a number of discounted bedrooms have been reserved delegate details - Simply complete thiS form and click Submit at Hotel Le Plaza. Please call the hotel directly on Tel: +32 2 278 01 00Please photocopy for each additional delegate and quote booking reference IQPC to receive your discounted rate, prices Mr Mrs Miss Ms Dr Other start from €185 including taxes and breakfast. There is limited availability so we do encourage attendees to book early to avoid disappointment.Rank First NameFamily Name Job Title FREE OnLInE RESOuRCESTel No. To claim a variety of articles, podcasts and other free resources please visit www.cyber-securityevent.comEmail Yes I would like to receive information about products and services via email dIGITAL COnFEREnCE On Cd-ROmIQPC Point of contact A digital version of the conference proceedings, including all presentations, is available to buy. 6 I cannot attend the event, please send me the CD Rom priced atOrganisation £599 plus VAT Recent digital conferences available - £599 plus VAT eachNature of business 6 Cyber Warfare 2012Address 6 Network Centric Warfare 2011 6 Information Operations 2011Postcode Country 6 Cyber Security 2011 Please send me conference materials indicated above.Telephone I have filled out credit card details belowFax For further information Please call: 0207 368 9300 or email: knowledgebank@iqpc.co.uk.Approving Manager TERmS And COndITIOnSName of person completing form if different from delegate Please read the information listed below as each booking is subject to IQPC Ltd standard terms and conditions.I agree to IQPC’s cancellation, substitution and payment terms Payment Terms Upon completion and return of the registration form full payment is required no later than 5 business days from the date of invoice. Payment of invoices by means other than by credit card, or purchaseSpecial dietary requirements: Vegetarian Non-dairy Other (please specify) order (UK Plc and UK government bodies only) will be subject to a €65 (plus VAT) per delegate processing fee. Payment must be received prior to the conference date. We reserve the right to refuse admission to the conferencePlease indicate if you have already registered by: Phone Fax Email Web if payment has not been received.Please note: if you have not received an acknowledgement before the conference, please call us to confirm your booking. IQPC Cancellation, Postponement and Substitution Policy You may substitute delegates at any time by providing reasonable advance notice to IQPC. For any cancellations received in writing not less than eight (8) days Payment method prior to the conference, you will receive a 90% credit to be used at another IQPC conference which must occur within one year from the date of issuance of such credit. An administration fee of 10% of the contract fee will be retained by IQPC for all permitted cancellations. No credit will be issued for any cancellations occurring within seven (7) days (inclusive) of the conference.Total price for your Organisation: (Add total of all individuals attending): In the event that IQPC cancels an event for any reason, you will receive a credit for 100% of the contract fee paid.Card Number: VISA M/C AMEX You may use this credit for another IQPC event to be mutually agreed with IQPC, which must occur within one year from the date of cancellation. In the event that IQPC postpones an event for any reason and the delegate is unable or unwilling to attend in on the rescheduled date, you will receive a credit for 100% of the contract fee paid. You may use this credit for another IQPC event to be mutually agreed with IQPC, which must occur within one year from the date of postponement.Exp. Date: Sec: Except as specified above, no credits will be issued for cancellations. There are no refunds given under any circumstances.Name On Card: IQPC is not responsible for any loss or damage as a result of a substitution, alteration or cancellation/postponement of an event. IQPC shall assume no liability whatsoever in the event this conference is cancelled, rescheduled or postponed due to a fortuitous event, Act of God, unforeseen occurrence or any other event that renders performanceBilling Address (if different from above): of this conference impracticable, illegal or impossible. For purposes of this clause, a fortuitous event shall include, but not be limited to: war, fire, labour strike, extreme weather or other emergency. Please note that while speakers and topics were confirmed at the time of publishing, circumstances beyond the control of the organizers may necessitate substitutions, alterations or cancellations of the speakers and/or topics.City/County/Postcode Cheque enclosed for: £ (Made payable to IQPC Ltd.) As such, IQPC reserves the right to alter or modify the advertised speakers and/or topics if necessary without any liability to you whatsoever. Any substitutions or alterations will be updated on our web page as soon as possible.(Please quote conference code: 18896.003 with remittance advice) Discounts All ‘Early Bird’ Discounts require payment at time of registration and before the cut-off date in order to receive any discount. Any discounts offered by IQPC (including Team Discounts) require payment at the time ofIQPC Bank Details: HSBC Bank, 67 George Street, Richmond Surrey, TW9 1HG. Sort Code: 40 05 15 Account No: registration. Discount offers cannot be combined with any other offer.59090618 Swift Code: MIDLGB22 IBAN Code: GB98 MIDL 4005 1559 0906 18Account Name: International Quality & Productivity Centre Ltd. CliCK heRe to sUBmit FoRm noW Via email