Cyber Security for the Military and Defence Sector 2013
TO BY Y 00 CH K AR TO BO EBR £3 AR O U F E M 00 TH V28 A 28T £1 H S BY E V O SA K SMi Presents their 6th annual B O CYBER SECURITY FOR THE MILITARY AND DEFENCE SECTOR 19 - 20 JUNE 2013 | COPTHORNE TARA HOTEL | LONDON, UK CONFIRMED CHAIRMAN: WHY SHOULD YOU ATTEND • LEARN- about emerging Mr Geoff Harris, Management Council, Information threats, current initiatives and Security Systems Associations UK the recent technical developments in network, SPEAKER PANEL INCLUDES firewall, and database security Commander Wolfgang Roehrig, Project Officer Cyber Defence, European Defence Agency • ASSESS- the experiences of current military operators and Dr Jamie Shea, Deputy Assistant Secretary General, Emerging share ideas with civilian Security Challenges Division, NATO industrial peers Mr Ulrich Poeschl, Chief Security Architect, Infosec Planning & • ANALYSE- the latest cyber Implementation Authority, Austrian MoD defence solutions, training Mr John Ross, Strategic Analyst, Canadian Department of and network threats National Defence • ENGAGE- with international Ms Heli Tiirma Klaar, Cyber Security Policy Advisor, Conflict military and inductrial Prevention and Security Policy Directorate, European External representatives in dedicated Action Service question & answer sessions. Hasan Yasar, Technical Manager, CERT, Digital Intelligence and Communicate directly with Investigations, Software Engineering Institute military operators, defence Mr Akira Yamada, Senior Security Analyst, Cyber Defence contractors tasked with Institute Japan supplying secure equipment, Special Agent representative, FBI Cyber ALAT, Cyber Division, as well as experts at the Federal Bureau of Investigation forefront of producing cyber security solutions. Mr Patrick Curry OBE, Director, British Business Federation Authority PLUS TWO INTERACTIVE HALF-DAY PRE-CONFERENCE WORKSHOPS 18 JUNE 2013 | COPTHORNE TARA HOTEL | LONDON, UK A: Threat Intelligence, Threat Horizons B: Process Modelling for Information Security WORKSHOP LEADER: Mr Cristiano Lincoln Mattos, SEO, Engineering (PROMISE) in the UKCNI Tempest Security Intelligence 09.00-12.30 WORKSHOP LEADER: Dr Howard Thompson, Managing Director, NAS Defence 13.00-17.00 www.cyberdefenceevent.com Register online or fax your registration to +44 (0) 870 9090 712 or call +44 (0) 870 9090 711
DAY ONE I 19 JUNE 2013 www.cyberdefenceevent.com 08.30 REGISTRATION & COFFEE 13.40 Risks of Social Media to Organizations and Personnel 09.00 • Insight into potentially disruptive effect of social media on Chairmans Opening Remarks defence and security Mr Geoff Harris, Management Council, Information • Insight into personnel implications from work-related to Security Systems Associations UK personal issues OPENING ADDRESS • Insight into organizational implications including cyber-vetting, 09.10 trust and potential effects on organizational management NATO’s policy on cyber defence and the evolution of the cyber • Using example from real-world and potential scenarios challenge John Ross, Strategic Analyst, Canadian Department of • How cyber is changing the nature of conflict and crisis National Defence management • NATOs perception of the cyber threat • How NATO is constructing its cyber defence organization 14.20 • Future tasks and challenges Sharing sensitive information securely- times are changing Dr Shea, Deputy Assistant Secretary General, Emerging • What business and cyber information is being shared securely Security Challenges Division, NATO and the strategic drivers for it? • What are the collaborative mechanisms, technologies and 09.50 standards enabling such sharing, and the threats to success? Technical aspects of cyber security as seen by the Austrian military and the local milCERT • Where is such information sharing happening in UK and • What is as an "advanced threat"? internationally? • (Scary) ways around conventional defence mechanisms • Whats likely to happen in the next 3 years and what should • Live-Demo of a target-system infection with conventional my organisation be doing? defence Mr Patrick Curry OBE, Director, British Business Federation • Emerging cyber threats - strategies to cope with them • Optional: Further live-demos (Fighting back the malware from Authority 1st demo, create custom anti-virus signatures) Mr Ulrich Poeschl, Chief Security Architect, Infosec 15.00 AFTERNOON TEA Planning & Implementation Authority, Austrian MoD 15.30 10.30 MORNING COFFEE Cyber Security and the UKs Critical National Infrastructure 11.00 • Identifying what elements are ‘critical’ Adversity, risk and trustworthiness • Benefits and risks of international commercial cooperation • Why there is a need for a consensus on adversity, risk and • Creating and maintaining a stable cyber policy for protecting trustworthiness CNI • The role of Standards Development Organisations (SDO) in Mr Dave Clemente, Research Associate, International achieving such a consensus Security, Royal Institute of International Affairs • Achieving the desired outcome with the Trustworthy Software Framework (TSF) Mr Ian Bryant, Technical Director, Trustworthy Software 16.10 Initiative Defending the UK defence industry against cyber attack • The changing landscape of the cyber threat to the UK 11.40 Defence Industry Speed up the velocity of investigation with behaviour analysis of • Understanding your cyber resilience maturity in the face of the malware cyber threat? • Identify and capture the signature of suspicious files, • Behavioural Analysis with correlation of other artefact, • How the UK Defence industry is working together to detect, • Importance of Multiple Analysis Platform, analyse and respond to threats • How to correlate multiple malware and find the similar ones? • What does the cyber future bring for the UK Defence Industry? • Result: Malware activity graphs. Mr Vincent Blake, Head of Cyber Security, Hasan Yasar, Technical Manager, CERT, Digital Raytheon UK Intelligence and Investigations, Software Engineering Institute 16.50 12.20 NETWORKING LUNCH Chairmans Closing Remarks and Close of Day One Register online at www.cyberdefenceevent.com • Fax: +44 (0) 870 90 Supported by
DAY TWO I 20 JUNE 2013 www.cyberdefenceevent.com 08.30 REGISTRATION & COFFEE 13.40 Achieving global cyber security through cooperation 09.00 • About ENISA • Protecting Critical Information Infrastructure Chairmans Opening Remarks • Input to EU & MS Cyber Security Strategies Mr Geoff Harris, Management Council, Information • Assisting Operational Communities Security Systems Associations UK • Security & Data Breach Notification • Data Protection OPENING ADDRESS • Future Direction 09.10 Dr Steven Purser, Head of Core Operations Department, European Network and Information Security Agency The FBIs role in the advancement of cyber security (ENISA) Special Agent representative, FBI Cyber ALAT, Cyber Division, Federal Bureau of Investigation 14.20 Voluntary participation in national cyber defence: The example 09.50 of the Estonian cyber defence unit Strategies for cyber security and defence: Organisational • Legal and policy framework for using volunteers in national cyber defence perspective • Functioning and roles of the CDU: Estonian case study • Presentation will offer a blueprint what constitutes a successful • Legal implications arising from using volunteers in national cyber strategy cyber defence • Comparison of national cyber strategies Senior Scientist, Legal & Policy Branch, • Basic elements of a cyber defence policy of a multinational NATO CCD COE organisation • Major elements for a successful national cyber security and defence strategy 15.00 AFTERNOON TEA Ms Heli Tiirma Klaar, Cyber Security Policy Advisor, 15.30 Conflict Prevention and Security Policy Directorate, Cyber security incident response European External Action Service • The security services industry’s response to cyber security threats; how do you prepare for an incident and what are the 10.30 MORNING COFFEE immediate steps and decision making process that you will have to go through following an incident • Government and private sector initiatives for validating third 11.00 party security services providers Cyber Defence Capability Building in EU • How to identifying suitable cyber security incident response • Military aspects of the cyber security strategy for the European service suppliers and what should be considered in contracts Union for their services • Military capability development in EU cyber defence Mr Ian Glover, President, • Pooling & Sharing in Cyber Defence CREST • A stock-take of EU cyber defence capability Commander Wolfgang Roehrig, Project Officer Cyber 16.10 Building and managing a comprehensive computer Incident Defence, European Defence Agency response capability • Dont start when the horse has bolted; Starting with protection 11.40 and defence Japanese cyber security update • Scope and ambition • Cyber threats/attacks in Japan • Appetite for Interoperability • Response activities - Are you prepared to share with other nations? • Findings from massive cyber attacks • What tools are out there? • The need for integration and cooperation • Activities on digital Forensics Mr Jeremy O’Connor, Security & Smart Solutions, Mr Akira Yamada, Senior Security Analyst, Selex ES Cyber Defence Institute Japan 16.50 12.20 NETWORKING LUNCH Chairmans Closing Remarks and Close of Day Two090 712 • Call: +44 (0) 870 9090 711 • GROUP DISCOUNTS AVAILABLE SPONSORSHIP AND EXHIBITION OPPORTUNITIES Are you interested in promoting your defence services to a SMi offer sponsorship, exhibition, advertising and branding packages, targeted industry sector? SMi offer tailored marketing uniquely tailored to complement your companys marketing strategy. Prime packages so that your association / publication can gain networking opportunities exist to entertain, enhance and expand your client access to a global market and key decision makers in the base within the context of an independent discussion specific to your defence market. industry. Should you wish to join the increasing number of companies benefiting from sponsoring our conferences please call: Simon Wright, SMi Contact Sonal Patel, SMi Marketing on +44 (0) 20 7827 6106 Sponsorship +44 (0) 20 7827 6732 or email: firstname.lastname@example.org or email: email@example.com
HALF-DAY PRE-CONFERENCE WORKSHOP A 9.00 – 12.30 I 18 JUNE 2013 COPTHORNE TARA HOTEL I LONDON, UK Threat Intelligence, Threat HorizonsIn association withOverviewThis workshop will give delegates a valuableinsight in to the actions and motivations ofpotential attackers and understand the number,diversity and speed of actual attacks on theirsystems and the motivation, techniques, strategiesand operations of the attackers as well as theimplications of changing IT trends such as BYOD,cloud computing and mobile technology. For toolong we have been playing ‘catch up’ with thecyber criminals – it’s time to get ahead of thegame and give ourselves an intelligentadvantage.Agenda08.30 Registration & Coffee09.00 Global cyber threat outlook (recent discoveries/attacks and operations with their likely background and impact/international implications)09.45 Morning Coffee10.30 Sector specific cyber threat outlook (financial sector/CNI/aviation/pharma etc)11.15 Collateral damage from malware used on an international base (examples for Flame, Duqu, Stuxnet and how they are being exploited by cyber criminals)12.00 End of WorkshopAbout the Workshop LeaderMr Cristiano Lincoln Mattos, SEO, TempestSecurity IntelligenceCEO Cristiano Lincoln Mattos has been active inInformation Security since being introduced to theinternet in 1993, and has accumulated significantexperience in both engineering and testingsecurity defences. As one of Tempest’s founders,Lincoln has fulfilled a critical role in creating anddeveloping the company’s expertise, productsand strategy over the past 12 years. Anexperienced consultant, he has assumed avariety of roles within Tempest, includingpenetration testing and vulnerability researchprojects, developing software tools, and buildingand leading top-notch teams through complextechnical projects.About Tempest Security IntelligenceTempest Security Intelligence has been deliveringexceptional service quality to Clients in Brazil andEurope for the past 12 years. Tempest delivershighly specialised information security consultingservices to large and medium-sized organisationsin the private and public sectors, and is relied onto protect some of the largest global financialinstitutions. Our focus on information securitymanagement allows us to build long-term,strategic relationships with our clients that result instable and continuous service. Our in-depthknowledge, expertise and extensive R&D efforts,have given Tempest an authoritative position inthe cyber security market.
HALF-DAY PRE-CONFERENCE WORKSHOP B 13.30-17.00 I 18 JUNE 2013 COPTHORNE TARA HOTEL I LONDON, UK Process Modelling forInformation Security Engineering (PROMISE) in the UKCNI In association withOverviewThe UK Critical National Infrastructure (UKCNI) iscrucial to the safetl and defence of the UK,however, they are not always Governmentowned, are often in the hands of foreign ownersand are not subject to a consistent or supervisedlevel of information security. This workshop willaddress this issue by presenting a model for thedesign of a socio-technical information securityengineering management design methodologyfor the purpose of reconciling technicalrequirements with human and social factorsinherent in any management system. The method,called PROMISE (Process Modelling for InformationSystems Engineering), is intended to provide amodel for a researched platform of ideas,expressed as processes, in order to better informinformation security decisions with the aim ofmaking those decisions better suited to the needsof the information security manager operating ina UKCNI organisation.Agenda13.30 Registration & Coffee14.00 Security management in the UKCNI- It’s not just technology15.00 Afternoon Tea15.30 How can Information security management processes in the UKCNI be better designed, developed and implemented?16.30 Question & Answer Discussion17.00 End of WorkshopAbout the Workshop Leader Dr Howard Thompson, Managing Director, NAS Defence After a career in policing, security and counter-intelligence work in government service, a number of years of which were spent in IT and CommunicationsSecurity, Dr Howard Thompson moved into theprivate sector where he built on his technicalexpertise by gaining commercial and industrialsector skills and knowledge. Since then, he hasundertaken a number of IT security consultancy andmanagement roles in various international industriesincluding aerospace, defence and systems, andnow practices as an IT Security Consultant,providing services to many companies andorganisations that now comprise the UKCNI.About NAS CyberDefenceNAS CyberDefence consultancy services aredesigned to help organizations to realize the secureand safe management of corporate governance,manage operational risk, maintain legal, regulatoryand standards compliance, protect intellectualproperty and secure business communications.
ONLINE at www.cyberdefenceevent.com CYBER SECURITY FOR THE MILITARY AND DEFENCE SECTOR CONFERENCE: 19 - 20 JUNE 2013 COPTHORNE TARA HOTEL, LONDON, UK | WORKSHOPS: 18 JUNE 2013 4 WAYS TO REGISTERFAX your booking form to +44 (0) 870 9090 712 POST your booking form to: Events Team, SMi Group Ltd, 2nd Floor South,PHONE on +44 (0) 870 9090 711 Harling House, 47-51 Great Suffolk Street, London, SE1 0BS EARLY BIRD □ Book by 28 February and receive a £300 discount DISCOUNT □ Book by 28 March and receive a £100 discount CONFERENCE PRICES GROUP DISCOUNTS AVALABLE I would like to attend: (Please tick as appropriate) Fee Total MILITARY, GOVERNMENT & PUBLIC SECTOR RATE □ Conference and both Workshops £2097.00 + VAT £2516.40 □ Conference & Interactive Workshop £1498.00 + VAT £1797.60Unique Reference Number □ Conference only £899.00 +VAT £1078.80Our Reference LV D-031 □ Interactive Workshop only £599.00 +VAT £718.80 COMMERCIAL ORGANISATIONSDELEGATE DETAILS □ Conference and both Workshops £2697.00 + VAT £3236.40Please complete fully and clearly in capital letters. Please photocopy for additional delegates. □ Conference & Interactive Workshop £2098.00 +VAT £2517.60Title: Forename: □ Conference only £1499.00 +VAT £1798.80Surname: □ Interactive Workshop only £599.00 +VAT £718.80Job Title: PROMOTIONAL LITERATURE DISTRIBUTIONDepartment/Division: □ Distribution of your company’s promotional literature to all conference attendees £999.00 + VAT £1198.80Company/Organisation: The Conference fee includes refreshments, lunch, conference papers andCompany VAT Number: CD ROM containing all of the presentations.Email:Address: VENUE Copthorne Tara Hotel, Scarsdale Place, Kensington, London, W8 5SR. □ Please contact me to book my hotelTown/City: Alternatively call us on +44 (0) 870 9090 711,Post/Zip Code: Country: email: firstname.lastname@example.org or fax +44 (0) 870 9090 712Direct Tel: Direct Fax:Mobile: DOCUMENTATION (Shipped 10-14 days after the event)Switchboard: I cannot attend but would like to purchase access to the following Document Portal/paper copy documentation: Price TotalSignature: Date: □ Access to the conference documentationI agree to be bound by SMis Terms and Conditions of Booking. on the Document Portal £499.00 + VAT £598.80ACCOUNTS DEPT □ The Conference Presentations - paper copy £499.00 - £499.00 (or only £300 if ordered with the Document Portal)Title: Forename:Surname: PAYMENTEmail: Payment must be made to SMi Group Ltd, and received before the event, by one ofAddress (if different from above): the following methods quoting reference D-031 and the delegate’s name. Bookings made within 7 days of the event require payment on booking, methods of payment are below. Please indicate method of payment:Town/City: □ UK BACS Sort Code 300009, Account 00936418Post/Zip Code: Country: □ Wire Transfer Lloyds TSB Bank Plc, 39 Threadneedle Street, London, EC2R 8AU Swift (BIC): LOYDGB21013, Account 00936418Direct Tel: Direct Fax: IBAN GB48 LOYD 3000 0900 9364 18 □ Cheque We can only accept Sterling cheques drawn on a UK bank.Terms and Conditions of Booking □ Credit Card □ Visa □ MasterCard □ American Express All credit card payments will be subject to standard credit card charges.Payment: If payment is not made at the time of booking, then an invoice will be issued and mustbe paid immediately and prior to the start of the event. If payment has not been received then Card No: □□□□ □□□□ □□□□ □□□□credit card details will be requested and payment taken before entry to the event. Bookings within Valid From □□/□□ Expiry Date □□/□□7 days of event require payment on booking. Access to the Document Portal will not be given untilpayment has been received.Substitutions/Name Changes: If you are unable to attend you may nominate, in writing, anotherdelegate to take your place at any time prior to the start of the event. Two or more delegates may CVV Number □□□□ 3 digit security on reverse of card, 4 digits for AMEX cardnot ‘share’ a place at an event. Please make separate bookings for each delegate.Cancellation: If you wish to cancel your attendance at an event and you are unable to send a Cardholder’s Name:substitute, then we will refund/credit 50% of the due fee less a £50 administration charge, providingthat cancellation is made in writing and received at least 28 days prior to the start of the event.Regretfully cancellation after this time cannot be accepted. We will however provide the Signature: Date:conferences documentation via the Document Portal to any delegate who has paid but is unable I agree to be bound by SMis Terms and Conditions of Booking.to attend for any reason. Due to the interactive nature of the Briefings we are not normally able toprovide documentation in these circumstances. We cannot accept cancellations of orders Card Billing Address (If different from above):placed for Documentation or the Document Portal as these are reproduced specifically to order.If we have to cancel the event for any reason, then we will make a full refund immediately, butdisclaim any further liability.Alterations: It may become necessary for us to make alterations to the content, speakers, timing, VATvenue or date of the event compared to the advertised programme.Data Protection: The SMi Group gathers personal data in accordance with the UK Data ProtectionAct 1998 and we may use this to contact you by telephone, fax, post or email to tell you aboutother products and services. Unless you tick here □ we may also share your data with third partiesoffering complementary products or services. If you have any queries or want to update any of VAT at 20% is charged on the attendance fees for all delegates. VAT is also charged onthe data that we hold then please contact our Database Manager email@example.com or visit our website www.smi-online.co.uk/updates quoting the URN as detailed above Document Portal and Literature Distribution for all UK customers and for those EU customers notyour address on the attached letter. supplying a registration number for their own country here: _______________________ If you have any further queries please call the Events Team on tel +44 (0) 870 9090 711 or you can email them at firstname.lastname@example.org