About the Speakers

Adam Meyers

Vice President Intelligence CROWDSTRIKE  

Adam Meyers is a recognized expert in the security and intelligence communities. With more than 15 years of experience in the security space, Adam has extensive experience building and leading intelligence practices in both the public and private sector. Adam is a founding employee and VP Intelligence at Crowdstrike Inc., a global provider of security technology and services focused on identifying advanced threats and targeted attacks. A sought-after thought-leader, Adam conducts speaking engagements and training classes around the world on the topics of threat intelligence, reverse engineering and data breach investigations.  Prior to joining CrowdStrike, Adam was the Director of Cyber Security Intelligence at SRA International. During his tenure, he provided technical expertise and strategic guidance for both commercial sector customers, as well as civilian, military, and intelligence customers. He conducted penetration tests, vulnerability research, and breach investigations across the globe, traveling extensively throughout Africa and South/Central America supporting customers.                   

Abstract coming soon

Back to agenda >>

Dr. John McCarthy

Senior Advisor CSCIS

Dr John McCarthy is an authority on Cyber Security strategy, development and implementation. He holds a PhD in Cyber Security and e-Business Development and is an internationally recognized author of a number of works discussing all aspects of Cyber Security in the modern world. John has been involved in multiple UK government committees developing UK law on cyber security and e-crime and digital infrastructure. John’s impressive list of posts include seats on a number of prominent US committees that offer advice and policy guidance to the US government on cybersecurity matters. He is also panel member of the American Transport Research Board researching Cyber Security best practice for airports throughout North America. He is an active member of the ACI EUROPE Aviation Security Committee, the British Computer Society (BSC), Elite, the International Committee on Information Warfare and Security and a Member of the Worshipful Company of Information Technologists. John is also a Freeman of the City of London.                                 

Presentation Title: The Implication of the NIS Directive

The EU directive on the security of Networks and Information Systems (known as the NIS Directive) is an important EU-wide legislation which is having a major impact on how critical infrastructures are managed and protected. Network and information systems and the essential services they support play a vital role in society, from ensuring the supply of electricity and water, to the provision of healthcare and passenger and freight transport. Their reliability and security are essential to everyday activities.

There is therefore a need to improve the security of network and information systems across the EU with a particular focus on essential services which, if disrupted, could potentially cause significant damage to the economy, society and individuals’ welfare. The NIS directive will have a major impact on the working practices of those who operate essential services. This presentation is intended as a starting point for senior managers and executives to understand the NIS directive and the implications it has on their organization.

Back to agenda >>

Christopher Bleckmann-Dreher

Daimler TSS

Christoper Bleckmann-Dreher has started in the Information security area in the early 2000s. During that time, he ran several dedicated servers in different data centers within Germany to provide redundant application and hosting services. In 2012, he started his career as a full-time pentester where he analyzed a variety of applications and environments of DAX30 and international corporations. In 2015, he joined Daimler TSS and in November 2016 he was promoted to Lead Expert Offensive Security. In his spare time, he found several severe vulnerabilities in different well-known systems and applications. For example, in 2016 he disclosed critical vulnerabilities in Smart Alarm systems of Blaupunkt. This time he is going to talk about severe vulnerabilities in smartwatches for children. Also, in 2018 he started a new company together with Florian Hansemann (@HanseSecure) to provide offensive security services.                                  

Presentation Title: Watchgate - How stupid smartwatches threaten the security and safety of our children

In early 2018 he discovered severe vulnerabilities in some smartwatches. The talk describes the vulnerabilities in detail and also the whole remediation process which is still going on and all packed in a nice story.

Back to agenda >>

Yuval Diskin

Director of the Israel Security Agency (ISA)                                   

As the 12th  Director of the Israel Security Agency (ISA), Yuval played a significant role in leading Israel's security and the development of the Agency's offensive - defensive cyber capabilities. In 2012, he was named by Foreign Policy magazine in the USA as one of the TOP 100 Global Thinkers, for his standout contribution to the intellectual debate around foreign policy.                              

Presentation Title: Intelligence driven decision making under attack

Decision making at all strategic, operational and tactic levels is always a challenge and each level could affect the others and should be considered in light of the others. Many times, a security decision maker is expected to take binary decisions in a situation consisted of countless shades of grey. A crucial factor in this process is the adversary. Behind any cyber-attack there is a human being. The attacker capabilities, agenda, dynamic, restrictions, strengths as well as weaknesses creates its unique pattern that is a threat as much as it is an opportunity in Intelligence terms. Decision making in extreme stress scenarios, how to take an intelligence driven decision and what is a true actionable intelligence will be discussed by Mr. Yuval Diskin.

Back to agenda >>

Richard Struse

Chief Strategist for Cyber Threat Intelligence at The MITRE Cooperation 

Richard Struse is the Chief Strategist for Cyber Threat Intelligence at The MITRE Corporation. In addition, he is the chair of the Cyber Threat Intelligence Technical Committee within OASIS, an International standards development organization. In 2018, Mr. Struse was elected to the board of directors of OASIS.

Previously, Struse served as the Chief Advanced Technology Officer for the U.S. Department of Homeland Security’s National Cybersecurity and Communications Integration Center (NCCIC) where he was responsible for technology vision, strategy and implementation in support of the NCCIC’s mission.

Presentation Title: The MITRE ATT&CK Framework - improve your defense in a focused manner

The MITRE ATT&CK framework has gained a lot of traction in the security community as a taxonomy and knowledge base to describe adversary behavior. However, the framework and its related tools have a much broader potential impact and scope. What's missing is a good understanding of the practical operational use cases and the supporting tools. This presentation will fill that gap.

Back to agenda >>

Michael Hochenrieder

Founder HvS Consulting AG 

As a licensed ISMS ISO 27001 Lead Auditor (also based on BSI IT-Grundschutz), ITSM ISO 20000 Auditor, BCMS ISO 22301 Auditor, Certified Information Systems Auditor (CISA) Certified Information Security Manager (CISM) and Certified in Risk and Information Systems Control (CRISC), his consulting focuses primarily on the areas of security assessments / audits, introduction of company-wide security guidelines / processes, social engineering and ICT forensic analyses. In addition to his coaching activities, Michael Hochenrieder also communicates his knowledge in workshops on the topics of information security management, security risk management, incident handling or information and communication forensics as well as co-authoring textbooks on information security. He is also listed at the German Federal Office for Information Security (BSI) as auditor for § 8a (3) BSIG.In 2002 he founded HvS-Consulting AG with Frank von Stetten.

Presentation Title: Challenges of Incident Response in a Real Life example

This talk gives participants an overview of practical incident response based on a real life example where both speakers were in charge of incident coordination & response.

Content:

• Mayday – This is not only an ordinary incident
• Coordination – Define a response strategy and tactics
• Monitoring – Put the attacker in the crosshairs
• Containment – Undertake efficient immediate actions
• Forensic Analysis – Unveil the attackers TTP
• Remediation – Take back Control
• Lessons Learned

Back to agenda >>

Freddy Dezeure

Former Head CERT- EU                                                                               

Freddy Dezeure is the founder and former Head of CERT-EU. Since 2017 he is an independent strategic Advisor in cyber security and risk management. He is a very experienced senior executive with a demonstrated track record in cyber security operations, policy, technology and risk management. He has extensive operational management experience, both in line and support functions and is highly successful in setting up, managing and growing new departments in an international environment. He has strong experience in supporting mature private and public organizations in improving their security posture and cyber risk management at strategic level. He has hands on experience with high tech, research and entrepreneurship and is Member of the Board and Advisor in several high-profile startup companies. Freddy Dezeure is a recognized thought leader in security, risk and privacy and has a high level of peer recognition and access to a very extensive network in the cyber security community. He is a sought after speaker at conferences, sharing best practices in threat Intelligence, SOC operations, prevention programs, risk management.

Presentation Title: What does it take to set up a Cyber Defence Center

What does it take to set up a Cyber Defence Center? How do you organise your defence in a context of an ever-evolving threat landscape and the increasing complexity of your infrastructure? The presentation will share practical lessons learnt from setting up one of the most sophisticated and respected CERTs in Europe. What are the main building blocks of a successful CDC, which are the best sources of information, how to attract and retain expertise? What are the quick starts and low hanging fruits? How to be successful in the long run?

Back to agenda >>

Andrew Ginter

VP Industrial Security                                                                              

Andrew Ginter is the VP Industrial Security at Waterfall Security Solutions and anAdjunct Assistant Professor at 

Michigan Technological University (MTU). At Waterfall, Andrew leads a team responsible for industrial cyber-security research, contributions to standards and regulations, as well as security architecture recommendations for industrial sites.

At MTU, Andrew is responsible for a graduate engineering course on industrial cyber risk assessment. Before Waterfall, Andrew managed software development teams for control system products, IT/OT middleware products and industrial cybersecurity products. He holds a number of middleware and cybersecurity patents.

Andrew is also the co-chair of ISA SP-99 WG1, a co-author of the Industrial Internet Consortium Security Framework, and the author of two books: Secure Operations Technology and SCADA Security - What's broken and how to fix it. He is a frequent contributor to ICS cyber-security standards and post-secondary curricula.

Andrew holds a BSc in Applied Mathematics and an MSc in Computer Science, both from the University of Calgary

Back to agenda >>

Stephan Gerling                                                                            

It's 1983. It all started with the "bread box" under the Christmas tree. Since then Stephan Gerling has been infected with the computer virus. Viruses were then also the first point of contact with IT security. He began to collect them and analyze their function in order to clean up the infected computers among his friends. Starting as an electrician, he quickly switched to electronics and finally repaired navigation systems for helicopters for the German Armed Forces. For more than 19 years he has been working in the oil and gas industry for a globally operating company in Lingen. Today, computer forensics, penetration tests and awareness measures are on his agenda - in particular hacker attacks and their protective measures. He is driven by a curiosity for complex technical contexts and how they work in detail.

The experiences from the physical and the virtual world complement each other. Electronics and computer forensics in the age of the Internet of Things (IoT) are his weapons for detecting security gaps. At relevant security conferences such as DEFCON (DC24-Skytalks), ZeroNights, Hacktivity, IT-Defense, HackLu or BSidesTLV, to name but a few, he gives lectures on topics such as hacking, social engineering and physical security. Furthermore, lectures at the LKA, the public prosecutor's office or secret protection conference are on his list.

Presentation Title: Yacht Hacking - Possible Attacks Against Floating IoT 

We owe it to a rather unusual coincidence to learn today about various possibilities of attack against modern yachts and ships. Due to the many interconnected systems on board a super yacht and the different attack vectors, I think the term "floating IoT" is more appropriate. Possible attacks against GPS (Global Positioning System), AIS (Automatic Identification System) and autopilot as well as their interdependencies are shown. Another attack vector is Internet connectivity. This is shown using a Maritime Internet Router and an Internet Satellite Communication Solution, what effects the discovered vulnerabilities can have.Spoiler first - it can go as far as the Engine Control Unit. NMEA2000, the maritime counterpart to the CAN bus in the automotive industry, is the link between IT and OT.

Back to agenda >>

Monzy Merza

VP of security research, Splunk                                       

Monzy Merza serves as the head of security research at Splunk. With over 15 years of cybersecurity leadership in government and commercial organizations, Monzy is responsible for advising and working hand-in-hand with executives across the Fortune 500 and government to develop modern security architectures. Monzy is also responsible for leading the Splunk Cyber Research team, which arms Splunk customers with actionable threat intelligence to combat advanced threats. Monzy frequently presents at government and industry events on topics such as nation state threat defense and machine learning. His current security research is focused on integrated approaches to human-driven and automated responses to targeted cyberattacks.

Presentation Title: Use cases for hunting and detection

Its hard enough to defend the on-prem world. The “Cloud”, presents another terrain for organizations. In order to manage this explosion, organizations need a different way of thinking about threat defense. In this talk, we will present the concept of analytics stories to detect, investigate and respond to threats regardless of their footprint. Analytics stories enable organizations to get beyond linear, atomic, detections and leverage best practices from MITRE and NIST. We will describe the components of the analytics story and share a practical, enterprise ready implementation. At the end of this talk, the attendees will have testable ways to adopt the analytics story way of defending, investigating and responding to threats.

Back to agenda >>

Maximilian Möhring                                                                           

Maximilian C. Moehring is co-founder and CEO of Keyp. Prior to Keyp, Maximilian has founded a series of (tech) companies including Ende Music, SixReasons, addsura (acquired by the Allianz Group), Year of the X, mazel and #neuland (acquired by JR Spaces & Events). Out of his curiosity and his critical innovation-driven thinking he dived into multiple industries (from automotive to insurance) and worked with C-Levels in various fields of digital innovation (from Internet-of-Things to Blockchain). His latest business, Keyp, is Europe's fastest growing open digital identity ecosystem and develops an ID-Infrastrucutre-aaS that lets enterprises combine any number of already established identity solutions and can be integrated into any (existing) identity management system. As part of an independent and decentralised digital identity infrastructure, it provides the fastest, most straightforward way to conduct legally compliant identity checks. In his private life Maximilian is driven by new technology and science, too. In order to optimise his health and wellbeing he started hacking his own system, his body. By becoming a biohacker he changed his eating behaviour, quit smoking, lost 40+ kilograms of weight and boosted his productivity. With a Master’s in Business and as a serial tech entrepreneur he combined the things he loves most: developing disruptive digital businesses.

Maximilian graduated as Master of Arts in Business Administration at the University of Applied Sciences in Munich in 2013. During his studies, he also completed several semesters abroad, among others at the City University of New York. He earned his Bachelor of Arts in Management & Law from Management Center Innsbruck in 2010.

Presentation Title: The future of digital identity is decentral, but not Blockchain

Let Maximilian lead you through his comprehensive and interdisciplinary talk on why not just identities, but any identity-related information should not be stored on a blockchain. The main technical reason being that none of the blockchain USPs is applicable when it comes to identity (-related) data, especially assertions. The legal and business reason being that blockchain is not (yet) compatible with and accepted in our legal and regulatory framework. So what is the way to go? There's not many other areas where security and decentralisation is as important as when we're dealing with identity data. Maximilian will explain how to take advantage of already-existing technology (even edge technology) to ensure convenience for the enterprises as well as cost reduction while at the same time making sure there is maximum convenience for the identity owners (humans, machines and other enterprises).

Back to agenda >>

Jan Harrie      

Jan Harrie is a security analyst of the German company ERNW, one of the leading security providers in Germany. He has over 5 years’ experience in cyber security from builder as well from breaker perspective. Jan’s actual mission is to identify vulnerabilities before they get exploit-ed. He designs software lifecycles, performs trainings, audits infrastructures and defines risk reduction strategies for modern landscapes. Together with his team he brings cutting edge technology in small companies as well as into the lifecycles of global players. His offensive security background from attacking complex systems and sophisticated social engineering campaigns let him know his enemy and how to stop him!

Coming soon!

Back to agenda >>

Christoph Klaaßen      

Christoph is a Senior Security Consultant working with the Information Security Team at the Germany-based specialist consultancy ERNW. He is interested in a broad range of topics as e.g. Virtualization and Cloud security, risk management as well as security of the complete tech stack used in agile environments. His daily business comprises both security advisory for very large enterprises as well as performing audits of complex IT environments.

Coming soon!

Back to agenda >>