Programme

On 27 June 2017, A.P. Moller Maersk’s screens went black. … The cyber-attack that hit the container business was initiated by a previously unseen type of malware that destroyed all of Maersk’s Windows computer capability, stopping most operations around the world. In this inspiring session, Maersk CISO, Andy Powell, takes us back to the moment the most devastating cyberattack since the invention of the internet took place. Powell will also share the painful lessons learned which have now enshrined in five principles, relating to organisational resilience, boardroom accountability, and security being a benefit, growth driver, and everyone’s responsibility. During this webinar, you can ask your question via chat.

This keynote will cover the latest threats and trends in cyberspace and how to respond to these threats with a view to creating a safer and more secure cyberspace. The borderless nature of cybercrime requires a response at a scale that involves cross-border cooperation and the pooling of scarce resources. Effective cooperation not only can lead to successful investigations but also be key to deterrence and prevention. Law enforcement is a key partner in ensuring cyber resilience.

On the 20th of May, the Belgian Prime Minister presented the new cyber strategy to the national security council, which approved it. Its objective is to make Belgium one of the least cyber-vulnerable countries in Europe. Do you want to know what we are preparing for the next four years? what are the main lines of this new strategy? how, together with all the actors concerned, do we plan to protect companies, operators of essential services, citizens, administrations, and critical infrastructures? Phédra Clouner will present the Belgian strategic approach.

The session will be moderated by Yves Schellekens.

In the world of constantly evolving cyber-threats, SWIFT has years of experience in building and fostering a secure ecosystem between financial institutions. As such it has learned that the security of the industry as a whole is a shared responsibility. As an industry cooperative, SWIFT is playing an important role in reinforcing and safeguarding the security of the wider ecosystem and as such has built a Customer Security Programme to assist its partners to keep their systems secure/safe. In this webinar, SWIFT will share its experiences and key recommendation with the audience so that it can bring inspiration also outside of the financial sector. During this webinar, you can ask your question via chat.

Visibility into our vendors’ security controls and the effectiveness with which they are operating have been and continue to be some of the major challenges in the world of third party risk. This discussion will cover those struggles, the inherent limitations of the security questionnaire as well as how continuous monitoring tools can be utilised to shed light on the effectiveness of a vendor’s security controls.

Haven’t experienced a major security incident yet? Consider yourself lucky for a second and then use your precious time to learn from those that have. In this session, we will discuss practical aspects of incident response that will help you reduce the impact of future incidents and help you return to business as usual as quickly as you can.

This keynote will cover the latest threats and trends in cyberspace and how to respond to these threats with a view to creating a safer and more secure cyberspace. The borderless nature of cybercrime requires a response at a scale that involves cross-border cooperation and the pooling of scarce resources. Effective cooperation not only can lead to successful investigations but also be key to deterrence and prevention. Law enforcement is a key partner in ensuring cyber resilience.

Meet your peers in this round table.  You will engage in the conversation based on stimulating statements. Under the guidance of Peter Spiegeleer, you will go into depth and exchange thoughts on Industrial Cyber Security with a select group of like-minded people.

Where would we be without our detection systems and alert factories? Well….let’s find out. Threat Hunting is a powerful technique, but it relies on you to find ugly. There’s so many places to look and angles to take, it’s like conducting an incident response investigation without the incident. How can you structure it? Where do you start? Under the guidance of Peter Spiegeleer and delivered by Carlos Valderrama, you’ll spend 1 hour as a member of the threat hunting team in an actual hunt.

Marc Lueck, CISO EMEA at Zscaler, discusses why the firewall no longer has a valid place in today’s internet-connected world, and how the technology has held us back from delivering a better level of security for years. Not just doom and gloom, he also introduces the means to escape the firewall trap, by bringing traffic to controls, rather than controls to the traffic.

Organizations are on a cloud migration journey. Many organizations that have implemented various on-premises Microsoft solutions, such as Office suite and AD FS, are now migrating some of these Microsoft solutions – primarily Office 365 – into the cloud. Security of these cloud-based services is of the utmost importance. Learn how to protect your Office 365 environment during this session by Thales for Heliview Cybersecurity Event

What is going to be discussed?

– Introduction to Thales Trusted Access service STA
– Using Thales STA to protect the access to your Office365 environment
– Protecting Office365 data through encryption
– Managing keys in O365 encryption: Bring your own key (BYOK), Hold your own key (HYOK), Double Key Encryption (DKE)
– Use case scenarios for Thales and Microsoft Azure

By using the latest attack techniques, hackers are able to penetrate almost everywhere. Detection has therefore become a standard part of defence in addition to prevention so that the damage can be limited as soon as it becomes clear that attackers are in your network. Detection is not easy, however, because many organizations suffer from alert fatigue due to the fact that they can no longer see the forest due to a deluge of reports for the trees, but are still being hacked.

In this session, you will see how Detection Engineering can be the key to effective and efficient detection: on the one hand, see the attacks, and stop a ransomware attack before you are taken hostage; on the other hand only receive relevant alerts, so that no alert fatigue occurs. Threat Intelligence is an important building block for Detection Engineering. But then it must be properly set up: high-quality insight into the threat landscape applicable to your specific situation so that you can make security choices based on relevant risks. This session also discusses this on the basis of concrete examples from the targeted ransomware domain.

In this new era of cyber-threat, characterized by both slow and stealthy attacks and rapid, automated campaigns, static and siloed security tools are failing. Organizations need to urgently rethink their strategy – to ensure their people and critical data are protected, wherever they are. Powered by autonomous cyber AI, today’s self-learning defenses are capable of identifying and neutralizing security incidents in seconds – not hours.

In this session, learn how self-learning AI:

• Detects, investigates and responds to threats – even while you are OOTO
• Protects your entire workforce and the digital environment – wherever they are, whatever the data

Defends against zero-days and other advanced attacks – without disrupting the organization

In this session, you will gain insight into the contemporary methods by which hackers penetrate your environment, move around freely and then run off with your data, probably without you noticing. You will gain insight into the methods available to detect and combat this, often with tools that you already have in-house.

Threat Landscape: Join us to observe new attack techniques based on our renowned Threat Landscape, to defeat ransomware, spear-phishing attacks and malware-free intrusions.
Ransomware: Pay or Cure: Having the ambition to not pay ransomware is great, but is it feasible? Can you handle the infection alone or do you need specialised help? And what are the hidden costs even if you do pay?
Time to Respond: Learn why security hygiene matters and how partnering can help solve the skills shortage in your security team. We will present new tips & tricks to improve your organization’s Time to Respond.

Note: This is a technical session, which actually discusses the hacking methods and tools and thus requires some technical affinity.

In this session, Kris Bijnens will explain why it is important to audit your data. Once you have the right visibility, you can start remediation projects to lower the risks, detect threats and audit policies to be compliant whit different regulations.

Managed Detection and Response. It’s what everybody is talking about and it should make sure we sleep without worries at night.  However, getting MDR right is no easy task. By providing MDR solutions in all kinds of corporate environments, we have encountered (and solved) tons of challenges, time and time again. What are the do’s and don’ts? Which pitfalls should be avoided and which best practices will help you hit the ground running? Watch this exclusive video and you will know!