Date: 1/7206
Time: 9:45 - 10:3
CyberScuit–ManhlgsfoBkEpdNP-v Coperatin
Speaker Info: Sébastien de Brouwer, European Banking Federation

Date: 1/7206
Time: 15 - 145
TheStaofCybrRsilncEup:BPImvgd
Security leaders have recognized the impossibility of blocking all security threats and forward-thinking financial services firms are now focusing on their state of cyber resilience. With this in mind, the Ponemon Institute and Resilient conducted the industry’s first cyber resilience study, and this session will look at what these findings mean for financial services firms and leading practices for consideration to improve cyber resilience, including case studies from leading financial services providers.
Speaker Info: John Bruce, IBM

Date: 1/7206
Time: 145 - 125
ReducingYorAtakSf:DMWbCmps,3Pyw ShadowIT
What if you could find common elements used across the internet that increase your risk of an IT breach and eradicate them from your internet facing assets? This session will demonstrate how to leverage vulnerable web components within web applications and third-party software with security holes and risky services being used by your employees and users. By traversing these markers and finding them where they exist across your external web facing infrastructure, you can dramatically reduce your attack surface and eliminate some common threat vectors used by hackers.
Speaker Info: Jason Zann, RiskIQ

Date: 1/7206
Time: 1230 - 130
ModelingthTraDyF(BC)
Hear how one major financial institution is currently modelling the cyber threat in order to better understand the inherent and residual risk. This session will also offer an opportunity to share views and explore flaws within the model and perhaps even create a better way.
Speaker Info: Kevin Jones, JPMorgan Chase

Date: 1/7206
Time: 1230 - 130
UnderstaigFS-IACfomuc,l
Michael O’Donnell, Director of the FS-ISAC Intelligence Team, will host a discussion to help members better understand FS-ISAC information sources, alert types, alert taxonomy and alert definitions, and provide a high-level view of analyst workflow as well as an overview of other IAT products. This information should help members understand the difference between actionable and awareness-related alerts, allowing them to refine notifications to best fit their needs.
Speaker Info: Michael O'Donnell, FS-ISAC

Date: 1/7206
Time: 1230 - 130
CISOasetudy:Gingco,D-rvVblRk ContrlPefmac
Schroders Senior Information Security Threat and Risk Specialist, Simon Eggleton and Nik Whitfield, CEO of Panaseer, will present on how security leaders can harness data science and big data technology to advance, simplify and automate the way they:
- Identify, measure and communicate material risk to Executives.
- Show the value of security investment and justify priorities to protect critical assets.
- Maximise the time their team have to focus on security, rather than battling with PowerPoint and Excel.
- Ensure GRC stakeholders have the tailored information they need, when they need it.
Attendees will hear practical examples of opportunities, challenges (both business and technical) and how to solve them.
Speaker Info:
Nik Whitfield, Panaseer
Simon Eggleton, Schroders

Date: 1/7206
Time: 13:0 - 14:30
IntroduciFS-AC
This session is an interactive workshop on FS-ISAC services. It provides an overview of FS-ISAC, how to use the portal, filter alerts, and participate in appropriate special interest groups.
Speaker Info:
Teresa Walsh, FS-ISAC Europe
Ray Irving, FS-ISAC

Date: 1/7206
Time: 1430 - 1530
TherutaboFlsPiv
Finding false positives in Cyber Threat Intelligence (CTI) drives all analysts and security operations teams crazy. This session will show you how to identify if a CTI is a false positive or useful information by exploring the two main ‘root causes’ for CTI data being considered a false positive. Additionally, this session will help you develop your own processes for adjudicating potential false positives and show a methodology on how to contribute your analysis back to the community so that others can benefit from your research. This session will be of immediate interest to attendees consuming and acting on CTI data from the FS-ISAC portal.
Speaker Info: Mark Clancy, DTCC

Date: 1/7206
Time: 1430 - 1530
CognitveScuryfFadMm
Two years ago, the Integrated Technological Fraud Management project was launched with the objective of using big data to detect, prevent, and mitigate internal and external fraud, exploiting all available data (structured and unstructured). This session provides an inside look at experiences and lessons learned via the application of big data algorithms and cognitive computing for automated fraud management.
Speaker Info:
Mario Maawad, Caixabank
Romana Sachova, Caixabank

Date: 1/7206
Time: 1430 - 1530
InformatiAdvge-3CclThUsYuOz
This session will show how analysts can make substantially better threat assessments and gain more comprehensive coverage through automation. Use cases will address: gaining insight into new and emerging malware and threat actors; monitoring and protecting a company’s domain, brand and assets; monitoring critical third-party vendors for security risk and breach exposure in real time; improving prioritization of vulnerabilities that typically impact financial services organizations; and integrating threat intelligence in the security operations center (SOC) enabling faster verdicts.
Speaker Info: Adrian Porcescu, Recorded Future

Date: 1/7206
Time: 160 - 170
Synack:TrustedHWhoBYAli,Nv
To beat a hacker, you have to think like a hacker, but to protect an enterprise against constant, complex threats, you can’t just think like one, you have to ignite hundreds of the world’s best ethical hackers into rapid action. Synack is pioneering a trusted hacker-powered approach to protecting an organization’s digital surface, arming security teams with hundreds of the world’s best hackers who want to be your allies, not your adversaries.
Speaker Info: Jay Kaplan, Synack

Date: 1/7206
Time: 160 - 170
WhyisE-malSTILte#1CnforbAck?’Nwp SecuringE-mal
Phishing campaigns targeting consumers cost financial institutions and other global brands over $4.5B last year with no end in sight. Similarly, even simple spear phishing schemes defeat inbound email defences with astounding success rates; the Verizon Data Breach Report states 78% of data breaches use email as the initial entry point. The common denominator and modus operandi for all email cyber-crime, whether outbound (consumer phishing) or inbound (enterprise spear phishing) is surprisingly simple - it is the exploitation of trust. Consumer phishing harms your customers by exploiting their trust in your brand. Spear phishing harms your enterprise by exploiting employees' trust in their colleagues, partners and customers. Join Agari as they share experiences and lessons learned in this ongoing battle for secured trust in the email channel, and explain how technology is evolving to finally allow a holistic approach to email security. Agari is trusted by leading Fortune 1000 companies, including 6 of the top 10 banks, to protect their organisations, partners, customers and citizens from advanced email phishing attacks. The Agari Email Trust Platform™ is the industry’s only solution that ‘understands’ the true sender of emails, leveraging the company’s proprietary, global email telemetry network and patent-pending, predictive Agari Trust Analytics to identify and stop phishing attacks. The platform powers Agari Enterprise Protect, which helps organisations protect themselves from advanced spear phishing attacks, and Agari Customer Protect, which protects consumers from email attacks that spoof enterprise brands.
Speaker Info: Patrick Peterson, Agari

Date: 1/7206
Time: 160 - 170
Anomali:UburdegThtHsyOpzIcD
Threat hunting describes a more proactive approach to threat intelligence analysis and identifying business risks. To support this proactive approach, the threat analyst must be unburdened from the task of having to identify which of the tens of millions of threat intelligence indicators of compromise (IOCs) are relevant to the business at any given moment. Anomali’s threat intelligence platform is the first to automatically read your company’s log data as it’s being written to your SIEM looking for potential IOCs. Those identified are fed back to the SIEM supporting existing investigation workflows. The advantages are an intelligence driven SOC, scale to support retrospective analysis of up to a year’s worth of data, and a focus on the threat intelligence that’s relevant to your organization.
Speaker Info: Colby DeRodeff, Anomali

Date: 1/7206
Time: 160 - 170
ElimnateMwrhoScuyIsPf
Financial services employees frequently visit financial news sites and search for real-time information to be effective in their jobs. Unfortunately, this puts them at risk to threats such as ransomware. Even with a web security gateway and other security measures in place, the web remains an overwhelming source of malware infections. Menlo Security’s new and innovative approach to security routes Web connections through an isolation platform, which isolates all active content in the cloud and eliminates malware threats such as ransomware. The user experience is unchanged running on any device type, browser, or operating system, providing complete safety without the need to deploy hardware or endpoint software.
Speaker Info: Jason Steer, Menlo Security

Date: 1/7206
Time: 160 - 170
Survey Identifies IoT Security Challenges for the Connected Enterprise - Majority of Respondents Lack Confidence in their Ability to See and Control IoT Devices
The research conducted under 350 respondents revealed that while the majority of respondents acknowledge the growing number of IoT devices on their networks, they are unaware of how to properly secure them. Key findings include:
• Inability to see (IoT) devices connected to their network
• False Sense of Security – traditional methods run short to identify and secure IoT devices
• Insecure and/or lack of Security Policies – to secure IoT devices
• Lack of IT Collaboration
• Working From Home Puts the Enterprise at Risk
• Demand for Agentless Security
Speaker Info: Jan Hof, ForeScout Technologies

Date: 1/7206
Time: 160 - 170
SecurityfohMblsngFaWkp
Mobility is transforming the notions of financial management in our business and social lives. While we depend on the basics, they are just extensions of current practices. This session will discuss what the transformational innovations for mobile finance are and how to secure them.
Speaker Info: Kurt Roemer, Citrix

Date: 1/7206
Time: 160 - 170
IntroducigvefamBM
Fraudsters are continually deploying more sophisticated methods to impersonate banking customers and elude traditional security solutions. How do you know the “customer” logging into your online banking system is who they say they are, without negatively impacting the customer experience? Introducing cognitive fraud detection capabilities from IBM Trusteer that uncover in real-time when fraudsters impersonate legitimate users. With this new capability, customers are able to help differentiate an account user’s typical online behavior from abnormal behavior.
Speaker Info: Nir Stern, Trusteer

Date: 1/8206
Time: 945 - 105
ScanersDd.
Many application security teams scramble to pinpoint vulnerabilities and flaws during the testing and release stages while managing limited security resources, a multitude of compliance regulations, and surprise feature requests. Although security teams try to follow the right application security practices, many applications are shipped with fragmented security. The most common denominator is the reliance on dynamic and static testing tools during the final stages of the lifecycle. In this session, learn about the benefits of building security during the requirements phase or the first stage of the software development lifecycle.
Speaker Info: Rohit Sethi, Security Compass

Date: 1/8206
Time: 10 - 120
HowaDOSAtckCpuledINGBn’sThrbi-y
The speakers will share how one bank recovered from a DDoS attack and began their CCERT. Hear about the building of the CCERT and jumpstarting their biggest undertaking: the core Intel Project, using Cyber Threat Intelligence (CTI) to change cyber security tactics. From the good and the bad, on both strategic and tactical levels, this story will inspire you, as it gives you practical insights and learnings on how to build a CTI practice.
Speaker Info:
Raymon van der Velde, EclecticIQ
Francesco Bigarella, ING

Date: 1/8206
Time: 10 - 120
CanTecholgyAPrvtiskdB?
It is well known that phishing is the top entry method for hackers accessing corporate networks. Data breach reports continue to highlight the substantial lag between incident occurrence and detection, yet organizations continue to neglect their last and best line of defense: their employees. Learn how to make it harder for attackers by leveraging a resource you already have.
Speaker Info: Aaron Higbee, PhishMe

Date: 1/8206
Time: 10 - 120
Reviwof2016CAPSExrcs
In 2015, FS-ISAC conducted the European Cyber-Attack against the Payment Process exercise for the first time with 48 financial institutions from 19 countries participating. The 2016 CAPS Exercise for EMEA was held in October and in this presentation the aggregated results of a simulated attack against wholesale payment operations by cybercriminals using destructive malware will be reviewed.
Speaker Info: Charles Bretz, FS-ISAC

Date: 1/8206
Time: 125 - 135
InteligcSharFoNwy
This presentation takes a practical angle explaining information/intelligence sharing in the financial sector in Norway including how prevalent incidents are approached and solved; how intelligence about these incidents is received and shared; how to build trust and a sense of community to prevent incidents and facilitate response; and what information is shared and why.
Speaker Info: Olga Troshkova, FinansCERT Norge AS

Date: 1/8206
Time: 125 - 135
IntheHarofBc:LsmFilSvCyb-Ak
Financial services institutions are widely regarded as having implemented the most advanced safeguards for sensitive information and cyberattacks. Yet despite being early adopters of cyber security technology and spending millions on digital security, data breaches in this sector continue to occur at an alarming pace. This session summarizes key learnings from large financial services organizations regarding how best to reduce the enterprise attack surface given the rise of interconnected devices in the Internet of Things, assess and manage risks from third-party vendors, and improve cyber security literacy in the C-suite.
Speaker Info: Dwayne Melancon, Tripwire

Date: 1/8206
Time: 125 - 135
GoingBeydMalwr:HtCmbWhTAck
Most breaches are not malware based. CrowdStrike will disclose hard-hitting new facts and insights into recent global attacks and advanced cybercrime targeting large financial services organizations. Based on actual case studies, we will provide important lessons about the attackers’ tactics, tradecraft and objectives. Join your peers to learn more about hacker tradecraft and how unified next generation AV and endpoint detection and response, combined with managed threat hunting, provides continuous breach prevention.
Speaker Info: Michael Sentonas, CrowdStrike UK Ltd.

Date: 1/8206
Time: 145 - 15
SecuringthHmaFo
Forget about firewall attacks, it’s time to think about the human element. While most security professionals agree that people are your weakest link, this is still an ignored top security area. This session will help you develop a thorough understanding of human vulnerabilities, with a balance between systemic improvements to shield human weaknesses and cognitive-oriented training and awareness.
Speaker Info: Darren Argyle, Markit Ltd.

Date: 1/8206
Time: 145 - 15
Cyberscuit–aQonfT?
With the scale, scope, and complexity of cyber-attacks increasing by the week, cybersecurity is increasingly being seen as a primary issue for CEOs in the financial sector, and the sector is under increased scrutiny from regulators, governments & the media. Advice is not hard to find, there are a multitude of information sources & standards; the in-house CIO will have a view, and of course there are a myriad of vendors, each with a solution that promises to be the answer to all security problems. Trust is at the heart of a successful security strategy, yet knowing who & what can be trusted, and whether that trust should be absolute or conditional, is extremely difficult. In this non-technical briefing we will discuss the components of a successful cybersecurity strategy, how massive data analysis helps Microsoft protect its infrastructure & customers' data, and consider what level of trust a CEO should give to their people, advisors, supply chain, infrastructure, and government.
Speaker Info: Robert Hayes, Microsoft

Date: 1/8206
Time: 145 - 15
Signofr-Out
Software signoff is an inevitable step in maturing software development processes in order to deliver better and safer software. Like with other engineering disciplines before, the growing concerns for safety, security, and standards are driving the industry to do better. In this talk, we will explain what software signoff means and why organizations must adopt it before it is too late.
Speaker Info: Ofer Maor, Synopsys

Date: 1/8206
Time: 160 - 170
Speaker Info:
Carsten Scholz, Allianz SE
Alain Beuchat, UBS AG
Berit Borset, DNB
Nick Tuppen, Bank of America Merrill Lynch

Date: 1/9206
Time: 9:0 - 9:45
#Insider?–AapochfmgtT
The threat from Insiders is a growing concern to all organisations today. Reports continue to show that many of the largest breaches are conducted by Insiders, or have an Insider component. David will discuss an approach that has been developed at RBS for managing the Insider threat, its various components and how best to address it. This will consider what makes an Insider and the types of Insider including ‘Insider Insiders’, ‘Outside Insiders’ and their different objectives. Influencers will be outlined, together with threat accelerators and mitigators. The presentation will conclude by looking at the different categories of threat that have an Insider component, control areas and how to best approach the Insider threat problem.
Speaker Info: David Aubrey-Jones, RBS

Date: 1/9206
Time: 945 - 103
ElectroniPaymshNd,DuApCb
In this session, learn how public/private cooperation, consumer awareness, board agreements, and technical measures helped the Dutch manage to decrease electronic banking and skimming fraud from 85M in 2012 to 18M in 2015. As well as a look into the future of mobile payments and security.
Speaker Info: Marco Doeland, Dutch Payments Association

Date: 1/9206
Time: 103 - 15
WhySouldYOvercmFafRspnibD
Dutch banks and ING have been doing responsible disclosure already for more than three years. In this session the following subjects will be presented:
What is responsible disclosure and the difference between bug bounty programs?
Why did the Dutch bank start with Responsible Disclosure?
The lessons learned of implementing a worldwide responsible disclosure program
The benefits of having a responsible disclosure program
Speaker Info: Vincent Thiele, ING

Date: 1/9206
Time: 130 - 125
ETSCUpdate
An overview of the European Threat and Strategy Committee’s (ETSC) work and vision to increase the relevance of FS-ISAC and further the engagement and participation of FS-ISAC members within the region. Learn more about the three main strands of ETSC activity: building trusted communities; improving engagement and collaboration particularly with law enforcement, government and regulators; and the development and embedding of a tailored regional service.
Speaker Info: Nick Tuppen, Bank of America Merrill Lynch

Date: 1/9206
Time: 125 - 130
RegulatoryAspcfCdmin
As financial institutions start to adopt cloud computing solutions as their new normal solution landscape, the regulatory requirements for managing residual risks appropriately are changing and new control models are required. The session will focus on first-hand experiences on how to handle controls and related evidence requirements with key cloud providers such as Microsoft (Office365), GitHub (GH Enterprise), and Amazon (AWS based development platforms).
Speaker Info: Frank Fischer, Deutsche Boerse Group

Date: 1/9206
Time: 140 - 145
CorpatemunicDgybs
How to plan, execute and assess an international exercise focusing on corporate communications during a cyber-attack. Join us to watch and evaluate how communication departments and communication managers react when a major cyber-attack occurs.
Speaker Info: Filip De Cock, KBC Group NV

Date: 1/9206
Time: 145 - 1530
PhisngMtao-NSzeFAl
Preventing user security threats is the holy grail of information security. This session will show how a strategy involving a mix of technical controls and administrative controls can help you a) prevent users from making mistakes if at all possible; b) detect these mistakes quickly when they do occur; and c) mitigate the impact of the mistakes immediately. This presentation will showcase sample awareness programs touching on the simulations including results and lessons learned.
Speaker Info: Aurobindo Sundaram, RELX Group

Date: 1/9206
Time: 154 - 1630
HowSucesflarAnIitv?
The majority of organizations have a security awareness program in place. However, it is not common to effectively measure the success rate and constantly optimize the awareness initiatives to maximize the impact on employees. Learn more about how the introduction of a phishing awareness measurement allows for an increased overall awareness within the organization without an increase of resources.
Speaker Info: Dusan Halabica, Ceskoslovenska obchodni banka a.s.

Date: 1/9206
Time: 1630 - 175
SuportingReal/CyDvmfhF-IA’sHzdPbk& ExercisngModl
The FS-ISAC All-Hazards Playbook is a 10-page document being used as a centerpiece for cyber & physical event crisis team collaboration and preparedness. The Playbook is currently U.S. centric, and we would like to change this by supporting international cyber business resiliency, coordinated crisis response capability, and regional Playbook exercising for our global members interested in developing these capabilities. In this session, Susan Rogers, FS-ISAC, Director of Business Resiliency, will discuss info sharing activities that have contributed to the broad usage and adoption of the FS-ISAC Playbook model during 2016. Members are encouraged to provide feedback and share their interest in adapting the Playbook resiliency tools beyond North America usage. Discussion will cover the following: creating a regional Business Resiliency Committee, Playbook customization, exercising, and examples of threat prioritization and resulting collaborative contingency planning under development.
Speaker Info: Susan Rogers, FS-ISAC