1/7206 Date:

9:45

- 10:3

Time:

CyberScuit–ManhlgsfoBkEpdNP-v Coperatin SpeakrInfo First Name

Last Name

Company

Sébastien

de Brouwer

European Banking Federation

1/7206 Date:

15

- 145

Time:

TheStaofCybrRsilncEup:BPImvgd Security leaders have recognized the impossibility of blocking all security threats and forward-thinking financial services firms are now focusing on their state of cyber resilience. With this in mind, the Ponemon Institute and Resilient conducted the industry’s first cyber resilience study, and this session will look at what these findings means for financial services firms and leading practices for consideration to improve cyber resilience, including case studies from leading financial services providers. SpeakrInfo First Name

Last Name

Company

John

Bruce

IBM

1/7206 Date:

145

- 125

Time:

ReducingYorAtakSf:DMWbCmps,3Pyw ShadowIT What if you could find common elements used across the internet that increase your risk of an IT breach and eradicate them from your internet facing assets? This session will demonstrate how to leverage vulnerable web components within web applications and third-party software with security holes and risky services being used by your employees and users. By traversing these markers and finding them where they exist across your external web facing infrastructure, you can dramatically reduce your attack surface and eliminate some common threat vectors used by hackers. SpeakrInfo First Name

Last Name

Company

Jason

Zann

RiskIQ

1/7206 Date:

1230 Time:

- 130

ModelingthTraDyF(BC) Hear how one major financial institution is currently modelling the cyber threat in order to better understand the inherent and residual risk. This session will also offer an opportunity to share views and explore flaws within the model and perhaps even create a better way. SpeakrInfo First Name

Last Name

Company

Kevin

Jones

JPMorgan Chase

1/7206 Date:

1230

- 130

Time:

UnderstaigFS-IACfomuc,l Michael O’Donnell, Director of the FS-ISAC Intelligence Team will host a discussion to help members better understand FS-ISAC information sources, alert types, alert taxomomy, alert definitions, provide an high level view of analyst workflow as well as an overview of other IAT products. This information should help members understand the difference between actionable and awareness related alerts allowing them to refine notifications to best fit their needs. SpeakrInfo First Name

Last Name

Company

Michael

O'Donnell

FS-ISAC

1/7206 Date:

1230

- 130

Time:

CISOasetudy:Gingco,D-rvVblRk ContrlPefmac Schroders Senior Information Security Threat and Risk Specialist, Simon Eggleton and Nik Whitfield, CEO of Panaseer, will present on how security leaders can harness data science and big data technology to advance, simplify and automate the way they: - Identify, measure and communicate material risk to Executives. - Show the value of security investment and justify priorities to protect critical assets. - Maximise the time their team have to focus on security, rather than battling with PowerPoint and Excel. - Ensure GRC stakeholders have the tailored information they need, when they need it. Attendees will hear practical examples of opportunities, challenges (both business and technical) and how to solve them. SpeakrInfo First Name

Last Name

Company

Nik

Whitfield

Panaseer

Simon

Eggleton

Schroders

1/7206 Date:

Time:

13:0

- 14:30

IntroduciFS-AC This session is an interactive workshop on FS-ISAC services. It provides an overview of FS-ISAC, how to use the portal, filter alerts, and participate in appropriate special interest groups. SpeakrInfo First Name

Last Name

Company

Teresa

Walsh

FS-ISAC Europe

Ray

Irving

FS-ISAC

1/7206 Date:

1430

- 1530

Time:

TherutaboFlsPiv Finding false positives in Cyber Threat Intelligence (CTI) drives all analysts and security operations teams crazy. This session will show you how to identify if a CTI is a false positive or useful information by exploring the two main ‘root causes’ for CTI data being considered a false positive. Additionally, this session will help you develop your own processes for adjudicating potential false positives and show a methodology on how to contribute back to the community your analysis so that other can benefit from your research. This session will be of immediate interest to attendees consuming and acting on CTI data from the FS-ISAC portal. SpeakrInfo First Name

Last Name

Company

Mark

Clancy

DTCC

1/7206 Date:

1430

- 1530

Time:

CognitveScuryfFadMm Two years ago, the Integrated Technological Fraud Management project was launched with the objective of using big data to detect, prevent, and mitigate the internal and external fraud, exploiting all available data (structured and unstructured). This session provides an inside look at experiences and lessons learned via the application of big data algorithms and cognitive computing for automated fraud management. SpeakrInfo First Name

Last Name

Company

Mario

Maawad

Caixabank

Romana

Sachova

Caixabank

1/7206 Date:

Time:

1430

- 1530

InformatiAdvge-3CclThUsYuOz This session will show how analysts can make substantially better threat assessments and gain more comprehensive coverage through automation. Use cases will address: gaining insight into new and emerging malware and threat actors; monitoring and protecting a company’s domain, brand and assets; monitoring critical third-party vendors for security risk and breach exposure in real time; improving prioritization of vulnerabilities that typically impact financial services organizations; and integrating threat intelligence in the security operations center (SOC) enabling faster verdicts. SpeakrInfo First Name

Last Name

Company

Adrian

Porcescu

Recorded Future

1/7206 Date:

160

- 170

Time:

Synack:TrustedHWhoBYAli,Nv To beat a hacker, you have to think like a hacker, but to protect an enterprise against constant, complex threats, you can’t just think like one, you have to ignite hundreds of the world’s best ethical hackers into rapid action. Synack is pioneering a trusted hacker-powered approach to protecting an organization’s digital surface, arming security teams with hundreds of the world’s best hackers who want to be your allies, not your adversaries. SpeakrInfo First Name

Last Name

Company

Jay

Kaplan

Synack

1/7206 Date:

Time:

160

- 170

WhyisE-malSTILte#1CnforbAck?’Nwp SecuringE-mal Phishing campaigns targeting consumers cost financial institutions and other global brands over $4.5B last year with no end in sight. Similarly, even simple spear phishing schemes defeat inbound email defences with astounding success rates; the Verizon Data Breach Report states 78% of data breaches use email as the initial entry point. The common denominator and modus operandi for all email cyber-crime, whether outbound (consumer phishing) or inbound (enterprise spear phishing) is surprisingly simple - it is the exploitation of trust. Consumer phishing harms your customers by exploiting their trust in your brand. Spear phishing harms your enterprise by exploiting employees' trust in their colleagues, partners and customers. Join Agari as they share experiences and lessons learned in this ongoing battle for secured trust in the email channel, and explain how technology is evolving to finally allow a holistic approach to email security. Agari is trusted by leading Fortune 1000 companies, including 6 of the top 10 banks, to protect their organisations, partners, customers and citizens from advanced email phishing attacks. The Agari Email Trust Platform™ is the industry’s only solution that ‘understands’ the true sender of emails, leveraging the company’s proprietary, global email telemetry network and patent-pending, predictive Agari Trust Analytics to identify and stop phishing attacks. The platform powers Agari Enterprise Protect, which help organisations protect themselves from advanced spear phishing attacks, and Agari Customer Protect, which protects consumers from email attacks that spoof enterprise brands. SpeakrInfo First Name

Last Name

Company

Patrick

Peterson

Agari

1/7206 Date:

160

- 170

Time:

Anomali:UburdegThtHsyOpzIcD Threat hunting describes a more proactive approach to threat intelligence analysis and identifying business risks. To support this proactive approach, the threat analyst must be unburdened from the task of having to identify which of the tens of millions of threat intelligence indicators of compromise (IOCs) are relevant to the business at any given moment. Anomali’s threat intelligence platform is the first to automatically read your company’s log data as it’s being written to your SIEM looking for potential IOCs. Those identified are fed back to the SIEM supporting existing investigation workflows. The advantages are an intelligence driven SOC, scale to support retrospective analysis of up to a year’s worth of data, and a focus on the threat intelligence that’s relevant to your organization. SpeakrInfo First Name

Last Name

Company

Colby

DeRodeff

Anomali

1/7206 Date:

Time:

160

- 170

ElimnateMwrhoScuyIsPf "Financial services employees frequently visit financial news sites and search for real-time information to be effective in their jobs. Unfortunately, this puts them at risk to threats such as ransomware. Even with a web security gateway and other security measures in place, the web remains an overwhelming source of malware infections. Menlo Security’s new and innovative approach to security routes Web connections through an isolation platform, which isolates all active content in the cloud and eliminates malware threats such as ransomware. The user experience is unchanged running on any device type, browser, or operating system, providing complete safety without the need to deploy hardware or endpoint software." SpeakrInfo First Name

Last Name

Company

Jason

Steer

Menlo Security

1/7206 Date:

160

- 170

Time:

SurveyIdntifsoTcChalgEp-Mj RespondtLackCfihrAblySITDv "The research conducted under 350 respondents revealed that while the majority of respondents acknowledge the growing number of IoT devices on their networks, they are unaware of how to properly secure them. Key findings include: •Inability to see (IoT) devices connected to their network •False Sense of Security – traditional methods run short to identify and secure IoT devices •Insecure and/or lack of Security Policies – to secure IoT devicesSurvey Identifies IoT Security Challenges for the Connected Enterprise - Majority of respondents lack confidence in their ability to see and control IoT devices •Lack of IT Collaboration •Working From Home Puts the Enterprise at Risk •Demand for Agentless Security" SpeakrInfo First Name

Last Name

Company

Jan

Hof

ForeScout Technologies

1/7206 Date:

160

- 170

Time:

SecurityfohMblsngFaWkp Mobility is transforming the notions of financial management in our business and social lives. While we depend on the basics, they are just extensions of current practices. This session will discuss what the transformational innovations for mobile finance are and how to secure them. SpeakrInfo First Name

Last Name

Company

Kurt

Roemer

Citrix

1/7206 Date:

160 Time:

- 170

IntroducigvefamBM Fraudsters are continually deploying more sophisticated methods to impersonate banking customers and elude traditional security solutions. How do you know the “customer” logging into your online banking system is who they say they are, without negatively impacting the customer experience. Introducing cognitive fraud detection capabilities from IBM Trusteer that uncover in real-time when fraudsters impersonate legitimate users. With this new capability, customers are able to help differentiate an account user’s typical online behavior from abnormal behavior SpeakrInfo First Name

Last Name

Company

Nir

Stern

Trusteer

1/8206 Date:

945

- 105

Time:

ScanersDd. Many application security teams scramble to pinpoint vulnerabilities and flaws during the testing and release stages while managing limited security resources, a multitude of compliance regulations, and surprise feature requests. Although security teams try to follow the right application security practices, many applications are shipped with fragmented security. The most common denominator is the reliance on dynamic and static testing tools during the final stages of the lifecycle. In this session, learn about the benefits of building security during the requirements phase or the first stage of the software development lifecycle. SpeakrInfo First Name

Last Name

Company

Rohit

Sethi

Security Compass

1/8206 Date:

10

- 120

Time:

HowaDOSAtckCpuledINGBn’sThrbi-y The speakers will share how one bank recovered from a DDoS attack and began their CCERT. Hear about the building of the CCERT and jumpstarting their biggest undertaking: the core Intel Project, using Cyber Threat Intelligence (CTI) to change cyber security tactics. From the good and the bad, on both strategic and tactical levels, this story will inspire you, as it gives you practical insights and learnings on how to build a CTI practice. SpeakrInfo First Name

Last Name

Company

Raymon

van der Velde

EclecticIQ

Francesco

Bigarella

ING

1/8206 Date:

Time:

10

- 120

CanTecholgyAPrvtiskdB? It is well known that phishing is the top entry method for hackers accessing corporate networks. Data breach reports continue to highlight the substantial lag between incident occurrence and detection, yet organizations continue to neglect their last and best line of defense: their employees. Learn how to make it harder for attackers by leveraging a resource you already have. SpeakrInfo First Name

Last Name

Company

Aaron

Higbee

PhishMe

1/8206 Date:

10

- 120

Time:

Reviwof2016CAPSExrcs In 2015, FS-ISAC conducted the European Cyber-Attack against the Payment Process exercise for the first time with 48 financial institutions from 19 countries participating. The 2016 CAPS Exercise for EMEA was held in October and in this presentation the aggregated results of a simulated attack against wholesale payment operations by cybercriminals using destructive malware will be reviewed. SpeakrInfo First Name

Last Name

Company

Charles

Bretz

FS-ISAC

1/8206 Date:

125

- 135

Time:

InteligcSharFoNwy This presentation takes a practical angle explaining information/intelligence sharing in the financial sector in Norway including how prevalent incidents are approached and solved; how intelligence about these incidents is received and shared; how to build trust and a sense of community to prevent incidents and facilitate response; and what information is shared and why. SpeakrInfo First Name

Last Name

Company

Olga

Troshkova

FinansCERT Norge AS

1/8206 Date:

Time:

125

- 135

IntheHarofBc:LsmFilSvCyb-Ak Financial services institutions are widely regarded as having implemented the most advanced safeguards for sensitive information and cyberattacks. Yet despite being early adopters of cyber security technology and spending millions on digital security, data breaches in this sector continue to occur at an alarming pace. This session summarizes key learnings from large financial services organizations regarding how best to reduce the enterprise attack surface given the rise of interconnected devices in the Internet of Things, assess and manage risks from third-party vendors, and improve cyber security literacy in the C-suite. SpeakrInfo First Name

Last Name

Company

Dwayne

Melancon

Tripwire

1/8206 Date:

125

- 135

Time:

GoingBeydMalwr:HtCmbWhTAck Most breaches are not malware based. CrowdStrike will disclose hard-hitting new facts and insights into recent global attacks and advanced cybercrime targeting large financial services organizations. Based on actual case studies, we will provide important lessons about the attackers’ tactics, tradecraft and objectives join your peers to learn more about hacker tradecraft and how unified next generation AV and endpoint detection and response, combined with managed threat hunting, provides continuous breach prevention. SpeakrInfo First Name

Last Name

Company

Michael

Sentonas

CrowdStrike UK Ltd.

1/8206 Date:

145

- 15

Time:

SecuringthHmaFo Forget about firewall attacks, it’s time to think about the human element. While most security professionals agree that people are your weakest link, this is still an ignored top security area. This session will help you develop a thorough understanding of human vulnerabilities, with a balance between systemic improvements to shield human weaknesses and cognitive-oriented training and awareness. SpeakrInfo First Name

Last Name

Company

Darren

Argyle

Markit Ltd.

1/8206 Date:

145 Time:

- 15

Cyberscuit–aQonfT? With the scale, scope, and complexity of cyber-attacks increasing by the week, cybersecurity is increasingly being seen as a primary issue for CEO’s in the financial sector, and the sector is under increased scrutiny from regulators, governments & the media. Advice is not hard to find, there are a multitude of information sources & standards; the in-house CIO will have a view, and of course there are a myriad of vendors, each with a solution that promises to be the answer to all security problems. Trust is at the heart of a successful security strategy, yet knowing who & what can be trusted, and whether that trust should be absolute or conditional, is extremely difficult. In this non-technical briefing we will discuss the components of a successful cybersecurity strategy, how massive data analysis helps Microsoft protect its infrastructure & customers data, and consider what level of trust a CEO should give to their people, advisors, supply chain, infrastructure, and government. SpeakrInfo First Name

Last Name

Company

Robert

Hayes

Microsoft

1/8206 Date:

145

- 15

Time:

Signofr-Out Software signoff is an inevitable step in maturing software development processes in order to deliver better and safer software. Like with other engineering disciplines before, the growing concerns for safety, security, and standards is driving the industry to do better. In this talk, we will explain what software signoff means and why organizations must adopt it before it is too late. SpeakrInfo First Name

Last Name

Company

Ofer

Maor

Synopsys

1/8206 Date:

160

- 170

Time:

SpeakrInfo First Name

Last Name

Company

Carsten

Scholz

Allianz SE

Alain

Beuchat

UBS AG

Berit

Borset

DNB

Nick

Tuppen

Bank of America Merrill Lynch

1/9206 Date:

9:0 Time:

- 9:45

#Insider?–AapochfmgtT The threat from Insiders is a growing concern to all organisations today. Reports continue to show that many of the largest breaches are conducted by Insiders, or have an Insider component. David will discuss an approach that has been developed at RBS for managing the Insider threat, its various components and how best to address it. This will consider what makes an Insider and the types of Insider including ‘Insider Insiders’, ‘Outside Insiders’ and their different objectives. Influencers will be outlined, together with threat accelerators and mitigators. The presentation will conclude by looking at the different categories of threat that have an Insider component, control areas and to best approach the Insider threat problem. SpeakrInfo First Name

Last Name

Company

David

Aubrey-Jones

RBS

1/9206 Date:

945

- 103

Time:

ElectroniPaymshNd,DuApCb In this session, learn how public/private cooperation, consumer awareness, board agreements, and technical measures helped the Dutch managed to decrease electronic banking and skimming fraud from 85M in 2012 to 18M in 2015. As well as a look into the future of mobile payments and security. SpeakrInfo First Name

Last Name

Company

Marco

Doeland

Dutch Payments Association

1/9206 Date:

103

- 15

Time:

WhySouldYOvercmFafRspnibD Dutch banks and ING has been doing responsible disclosure already for more than three years. In this session the following subject will be presented: What is responsible disclosure and the difference between bug bounty programs? Why did the Dutch bank start with Responsible Disclosure? The lessons learned of implementing a worldwide responsible disclosure program The benefits of having a responsible disclosure program SpeakrInfo First Name

Last Name

Company

Vincent

Thiele

ING

1/9206 Date:

Time:

130

- 125

ETSCUpdate An overview of the European Threat and Strategy Committee’s (ETSC) work and vision to increase the relevance of FSISAC and further the engagement and participation of FS-ISAC members within the region. Learn more about the three main strands of ETSC activity: building trusted communities; improving engagement and collaboration particularly with law enforcement, government and regulators; and the development and embedding of a tailored regional service. SpeakrInfo First Name

Last Name

Company

Nick

Tuppen

Bank of America Merrill Lynch

1/9206 Date:

125

- 130

Time:

RegulatoryAspcfCdmin As financial institutions start to adopt cloud computing solutions as their new normal solution landscape, the regulatory requirements for managing residual risks appropriately are changing and new control models are required. The session will focus on first-hand experiences on how to handle controls and related evidence requirements with key cloud providers such as Microsoft (Office365), Github (GH Enterprise), and Amazon (AWS based development platforms). SpeakrInfo First Name

Last Name

Company

Frank

Fischer

Deutsche Boerse Group

1/9206 Date:

140

- 145

Time:

CorpatemunicDgybs How to plan, execute and assess an international exercise focusing on corporate communications during a cyber-attack. Join us to watch and evaluate how communication departments and communication managers react when a major cyber-attack occurs. SpeakrInfo First Name

Last Name

Company

Filip

De Cock

KBC Group NV

1/9206 Date:

145

- 1530

Time:

PhisngMtao-NSzeFAl Preventing user security threats is the holy grail of information security. This session will show how a strategy involving a mix of technical controls and administrative controls can help you a) prevent users from making mistakes if at all possible; b) detect these mistakes quickly when they do occur; and c) mitigate the impact of the mistakes immediately. This presentation will showcase sample awareness programs touching on the simulations including results and lessons learned. SpeakrInfo First Name

Last Name

Company

Aurobindo

Sundaram

RELX Group

1/9206 Date:

154 Time:

- 1630

HowSucesflarAnIitv? The majority of organizations have a security awareness program in place. However, it is not common to effectively measure the success rate and constantly optimize the awareness initiatives to maximize the impact on employees. Learn more about how the introduction of a phishing awareness measurement allows for an increased overall awareness within the organization without an increase of resources. SpeakrInfo First Name

Last Name

Company

Dusan

Halabica

Ceskoslovenska obchodni banka a.s.

1/9206 Date:

Time:

1630

- 175

SuportingReal/CyDvmfhF-IA’sHzdPbk& ExercisngModl The FS-ISAC All-Hazards Playbook is a 10-page document being used as a centerpiece for cyber & physical event crisis team collaboration and preparedness. The Playbook is currently U.S. centric, and we would like to change this by supporting international cyber business resiliency, coordinated crisis response capability, and regional Playbook exercising for our global members interested in developing these capabilities. In this session, Susan Rogers, FS-ISAC, Director of Business Resiliency, will discuss info sharing activities that have contributed to the broad usage and adoption of the FS-ISAC Playbook model during 2016. Member are encouraged to provide feedback and share their interest in adapting the Playbook resiliency tools beyond North America usage. Discussion will cover the following: creating a regional Business Resiliency Committee, Playbook customization, exercising, and examples of threat prioritization and resulting collaborative contingency planning under development. SpeakrInfo First Name

Last Name

Company

Susan

Rogers

FS-ISAC