Programme

Registration 08:30 hrs.

Registration possibility participants

The Heliview Team welcomes you on the Cyber Security Summit.

Opening Programme: Interactive Session 09:00 hrs.

Cyber Security Challenges in Belgian Companies: Setting the Scene

Chairman of the Summit, Erik R. van Zuuren will open the programme. During the opening he will discuss with Danielle Jacobs, General Manager of Beltug,  what the Beltug members priorities are in relation to cyber security. By using an opinion poll, the attendees can react on this information and share their insights. Erik and Danielle will also discuss the effects of the European Directive on security of network and information systems (NIS), GDPR et cetera for Belgian companies.

Openings Keynote: Europol 09:30 hrs.

EC3-The Fight Against Europe’s Cyber Criminals

In this session, Head of Europol’s European Cybercrime Centre, will share insights on how we can Fight Against Europe’s Cyber Criminals. Europol assists the 28 EU Member States in their fight against serious international crime and terrorism. Europol set up the European Cybercrime Centre (EC3) in 2013 to strengthen the law enforcement response to cybercrime in the EU and help protect European citizens, businesses and governments from online crime.

  • Are cyber-attacks on your enterprise a result of espionage, organised crime or a random attack
  • What have we learned from high-profile attacks in the last year and how can you adjust your security processes accordingly?
  • International collaboration models and open source platforms to keep you ahead of the threat.
Keynote: ENISA 10:05 hrs.

The work of ENISA (incl intro to the Cyber Act)

In this session we will discover how ENISA is to evolve into Europe’s Cyber Agency and what it is already doing and intends to do to respond to the increasing Cyber Threat.

Keynote: Solutotion Provider 10:30 hrs.

Security Enabling Cloud Transformations

Moving to the public cloud brings inherent challenges. Multiple areas of the business are procuring cloud services independently without any oversight, strategy or governance – all with best intentions but introducing new risk to the business. Join Symantec to;

  • Gain new insights into securing the cloud using an holistic approach
  • Understand how to asses and respond in order to accelerate cloud transformations
  • Build a checklist of “what you need to know” when you embark on a cloud security project
Morning Break 10:55 hrs.

Morning Break with 1-to-1 meetings

1 A | Break-out Technology / Solution Trends 11:30 hrs.

A New Era of Cyber Threats: The Shift to Self Learning, Self Defending Networks

In this session Ennio Di Rosa will discuss:

  • Leveraging AI algorithms to defend against advanced, never-seen-before, cyber-threats
  • How new immune system technologies enable you to pre-empt emerging threats and reduce incident response time
  • How to achieve 100% visibility of your entire business including cloud, network and IoT environments
  • Why automation and autonomous response is enabling security teams to neutralize in-progress attacks, prioritise resources, and tangibly lower risk
  • Real-world examples of subtle, unknown threats that routinely bypass traditional controls
1 B | Break-out Human Factor 11:30 hrs.

Five Essential Capabilities for Airtight Cloud Security

The cloud is a highly dynamic, flexible and infinitely configurable; simple changes to security policies can expose private resources to the world. There are a lot of moving parts - which means there can be oversights and errors. Security in the public cloud is fundamentally different from enterprise datacenter security. It’s essential for IT security pros to have visibility into network architectures and on-system controls to provide better defense against the growing number of malicious attacks and inadvertent credential leaks. In this session Check Point will gain insight in five essential capabilities to secure your vital cloud infrastructure end-to-end.

Invitation Only: Roundtable 11:30 hrs.

Roundtable to Discuss Reality of Cibercrime in Belgium

2A |Break-out Technology / Solution Trends 12:00 hrs.

Combatting the adversary whilst the clock is ticking

In this session, Ronald Pool will discuss the speed at which adversaries operate and explain how long you really have in order to detect, analyse and mitigate an incident before it becomes a breach. You will also learn how Artificial Intelligence and Machine Learning play a part in this battle and what role that leaves for analysts and incident responders. In other words, how can we really pair human intellect with technology in order to defeat the adversary?

2 B | Break-out Governance, Risk & Compliance 12:00 hrs.

Data-Centric Security – Fundamental for Threat Detection in 2019 and beyond

Cybersecurity can be a world of uncertainty; we’re facing a new wave of sophisticated threats, while still dealing with the same fundamental threats from decades ago (e.g., SQL injection and ransomware). Focusing on a strong perimeter to keep the bad guys out is not working. Now that attackers routinely use stolen credentials or low-tech phishing techniques to enter, and now that data is no longer kept within a perimeter, this outside-in approach is no longer practical. In this session, you’ll learn why organisations are failing at early breach detection and how data-centric security can overcome common threat detection pitfalls to reduce false positives, accelerate investigations, and stop more attacks more quickly. 

Takeaways:

  1. Learn why it is essential to identify and locate where your sensitive data is, who has access to it, and where it is over-exposed.
  2. Learn why securing your perimeter alone won’t protect you.
  3. Understand where your risks lie and the steps you need to take in order to protect your organisation from a data breach.
  4. Understand how contextual security analytics is the future.
3A | Break-out Technology / Solution Trends 12:30 hrs.

Hitting the danger zone: A day in the life of a corporate end user

Following this session will allow you to understand the security risk that a corporate user encounters during the day and how the Symantec Integrated Cyber Defense Technology will protect the user and the organization.

Through example, an insight is given on what advanced techniques are used to attack a user and what current and new technologies are implemented, integrated and used to protect the user against these sophisticated attacks, independent of the user being in the enterprise or roaming.

3B | Break-out Governance, Risk & Compliance 12:30 hrs.

Hackers take the standard approach - Yeah right

From ISO31000 (Risk management) we learn to first look at our risks and take measures to protect against hackers. This is the standard approach. Unfortunately hackers do not follow the standard approach. That is what you see in the real life stories like Equifax, Babydump/KPN or Sony hacks. How can you organize your risk management process so that you will be resilient to these real incidents?

Exclusive session The Human Factor 12:30 hrs.

Skills and Competences Rescale for CyberSecurity Professionals

This session aims to address the changing skills and competences required for Cyber Security which is shifting more rapidly than ever.
The demand for cybersecurity professionals continues to rise against the backdrop of a job candidate shortage, employers say only half of applicants (or fewer) actually meet the qualifications. (ISACA Report - 2019)

At this session, we won’t state the facts and the current situation only, but also, we will discuss what the different solutions can be for his widening supply&demand at Cybersecurity landscape.

This will include also Information Security Management Education at Solvay Business School where the candidates benefit from an enriching learning experience shared with a diverse audience of high potentials and seasoned professionals with interactive in-class lectures, experienced lecturers from the field and real-life cases.

Lunchbreak 12:55 hrs.

Lunchbreak with 1-to-1 meetings

Round Table Solution Provider 13:00 hrs.

Round Table by Symantec

Join senior Symantec EMEA executives to discuss business challenges with a group of your peers from a cross section of industries. The ethos of this session is on sharing ideas & learning from Symantec and one another. Gain new insights into securing the cloud using a holistic approach.

Within this session Symantec can help you with the any challenges you have about topics such as:

  • Advanced Threat Protection
  • Cloud Security
  • IoT Security
  • Data Security

And much more….

4 A | Break-out Technology / Solution Trends 14:10 hrs.

Network Traffic Analytics with Flowdata Driven Detection

Why and how to use flowdata to efficiently spot the cybersecurity-threats in your network? An explanation why detection based on flowdata has the future instead of inspecting all your (customer) data. Insights in NTA tooling and why you might need them on top of all your security measures. Combining NTA with other log related information to enhance the information about a threat in your network.

4 B | Break-out Human Factor 14:10 hrs.

Best practices to limit the risk of the human factor

Colleagues within your own organisation can be the biggest threat to your IT-environment. Aware or unaware actions can result in receiving malicious content or sending out confidential business data to unwanted locations. How to lower the risk of human actions? This session by Mark Cremers, System Engineer at Zscaler, will cover several best practices to handle the human security threat.

Exclusive Session by Vlaamse Toezichtcommissie 14:10 hrs.

GDPR and Cyber - Some Best Practices and Lessons Learned

The Flemish Data Protection Authority is like any other Data Protection Authority and supervising / monitoring/ advising Flemish Government  and related agencies wrt data protection and data privacy. As it is already years in existence, it has collected lots of experience in this field. In this roundtables some of this experience and key lessons learned will be presented and an open discussion can take place on this vast topic.

5 A |Break-out Technology / Solution Trends 14:40 hrs.

DevSecOps: Integrating Security into your application lifecycle

Digital Transformation is increasingly pushing organisations to Agile or DevOps development methodology. A trend has emerged with a new buzzword - DevSecOps
Meet our expert Louis Vieille-Cessay, who will talk about the subject. He will explain Micro Focus' approach to embedding enterprise security considerations in the core parts of the software development process. Louis will do this by covering 3 fundamental topics:

  • Why DevSecOps is emerging
  • How security interlink with DevOps
  • How to overcome possible major blockages
5 B |Break-out Governance, Risk & Compliance 14:40 hrs.

Kaspersky Threat Management and Defense- The Threat Hunting Catalyst

This session will give you an overview and challenges of Advanced Persistent Threat and Threat Hunting. What are the needs and the tools to concretely protect companies from cyber attackers.

Paradigma has changed from product to solution several years ago, but when complexity is very high, solutions are not enough! Trainings and Cyber Security Services become a must to make solutions effective. This session will help you to understand how Kaspersky Lab can help you in Threat Management.

 

Roundtable: Invitation Only 14:40 hrs.

BE-Industry Roundtable to Discuss the Impact of the European Cyber Act

Following the political agreement that was reached in December 2018, the EU Cybersecurity Act is finally on the last stretch and it is due for adoption by mid-2019. It is a significant milestone, which is expected to give a new impetus to the European industry while meeting policy requirements at Member States’ level. Under the Act, the key role reserved for ENISA is to assist in the preparation of candidate cybersecurity certification schemes. In doing so, ENISA needs to interact with both the EU Member States and the industry stakeholders, for collecting opinion and advice to feed into candidate schemes. ENISA looks forward to this newly acquired role and the opportunity it represents for cybersecurity in the EU. In this session Slawomir Górniak will point out the role of ENISA in this European Framework for Certification and what it means for (Belgian) industry in the longer term.”

6 A |Break-out Technology / Solution Trends 15:10 hrs.

Are the Apps That Run Your Business Also Your Achilles' Heel?

The age of digital transformation is upon us. Cloud, virtualization and containerization are becoming mainstream. With all of the buzzwords and technology hype, it is easy to forget the real business drivers behind this age of innovation. Established industries like finance and healthcare are being disrupted by new and nimble startups who have leap-frogged established players with new technologies that bring tremendous competitive advantage with speed to market, flexibility and resiliency.

But how do organizations secure all of this sensitive information and the applications that store and manage it?

We’re going to talk about these business critical applications and their role in digital transformation. We will illustrate the story with results from an EMEA wide study that CyberArk sponsored that looks into how companies are protecting the apps that their business depends on. And finally we’ll offer steps that you can take to secure your business.

6 B |Break-out Human Factor 15:10 hrs.

Reduce Human Factors with PKI and Crypto Agility for Identity and Authentication

There are many threats and challenges for modern enterprises when it comes to IT security. AND there is always going to be an element of human ignorance, all while there’s always a trade-off between security and ease – nothing new there, but how to overcome these? 

While Public key infrastructure (PKI) is not a brand-new technology, it is a highly effective solution for any organization facing the latest cybersecurity threats including ransomware, human factor, financial pretexting, phishing and outside attackers.

This presentation discusses the Human un-security and how to tackle these issues along with the basics of how to understand and where to start with PKI, highlighting the benefits of being crypto-agile for automating digital identity issuance for users and devices. The ability to integrate, automate and manage a scalable PKI infrastructure seems daunting... We will illustrate authentication as a means to meet security and compliance.

Afternoon Break 15:35 hrs.

Afternoon break with 1-to-1 meetings

Exclusive session: Workshop 15:45 hrs.

Incident handling workshop

When a cyber security incident occurs, what happens in the back-stage of the attacked organization? Take part in ISACA Belgium’s cyber security incident workshop, designed to simulate an attack, where you will be able to test your own capabilities by trying to respond to it! 

All the learning will happen by working in a team, later reviewing implications of your own decisions, comparing to how other teams handled the incident and finally, thanks to the expert’s feedback. 

After completing this session, you will be able to understand the cyber security incident process, especially how to respond to and communicate during an incident.

7 A | Break-out Technology / Solution Trends 16:10 hrs.

Why there is no way around securing your APIs

In the evolving world of Cyber criminality new trends almost always define new threats to data and infrastructure.  This is especially the case with the transition from standard web traffic to more API-driven communication. Criminals have long learned to exploit vulnerabilities in this communication. This breakout session will summarize the latest types of threats and how to fight against them.

7 B | Break-out Governance, Risk & Compliance 16:10 hrs.

3rd Party Cyber Security Risk Assessment and Remediation

The growing number of 3rd parties organizations rely on to deliver their services requires more agile approaches for 3rd party cyber security risk management. During the interactive session several methods will be reviewed and will be explained how RiskRecon’s approach allows organizations to reduce risk through collaboration with their 3rd parties on risk-prioritized findings present within their Internet risk surface.

Keynote University Hospital Leuven 16:40 hrs.

Handling sensitive data in healthcare from the viewpoint of a hospital that is also a software company

UZL wants to expose as much data as possible to its users (patients, external caregivers/providers) but do this in a secure way. Being an university hospital and a big software company, means facing a lot of challenges. In this keynote the lead IT architect and CIO of University Hospital Leuven will present their challenges, solutions and insights.

Keynote Solvay Group 17:10 hrs.

The Curious Case of Security Convergence - Back to the Start

For over a decade, security convergence has been portrayed as the biggest challenge in the corporate security. But is it really the challenge many claim it is? Did the discussion not focus too much on ownership, rather than on outcome? This keynote tells Solvay’s story on how it ended up with an enterprise security risk management philosophy, and the challenges that shaped it’s direction.

Wrap up 17:35 hrs

Short wrap up by moderator

Networking Reception 17:40 hrs.

Networking reception at the network area