The following recorded events and activities took place in 2021, but are still relevant and can be viewed again :
LSEC from Home webinars provide key insights in cybersecurity under lockdown, while preparing for recovery and beyond. We’ll be focusing on CyberSecurity Management from Home, having experts explaining their approaches and CyberSecurity Managers’ testimonials with best practices and challenges they’re facing in daily operations with their online teams.
Session 11 : June 30th : IoT Security Challenges for industry and enterprise – Roads less traveled – or why IoT security is so „different“ – every cybersecurity challenge in a device … and worse, Udo Schneider – Trend Micro
Although OT security is “strange” – at least for those coming from an IT background – it’s still familiar in most cases. One could argue that OT security is like IT security some years ago: Adding security controls to insecure systems after the have been developed or deployed…
This however is totally different when talking about (I)IoT devices. Without the possibility to bolt on security controls afterwards the whole approach to security becomes a challenge. During the webinar we’ll shed some light on experiences, best-practices, and technical measures to protect those devices during their development, deployment, operation and decommission. Just be warned that those might not be your well-known IT approaches though.
IoT is all around us. Things have being connected for years and will continue to be for many years to come. Typically, we consider connected refrigerators and toasters, but more fitting reality are all sorts of real estate going from video surveillance camera’s, fire and temperature sensors, doors, even smart chairs and cars. In addition, you’ll find connected robots, and the vast majority of office furniture such as phones, projectors, screens, printers, switches and other networking materials.
The security challenges go beyond the traditional network detection, white listing, and application security. Many of these devices carry their own little protocols, proprietary technologies, but still a lot of open source components.
Even this weekend, a new report that was published showed the severity of the vulnerabilities of IoT devices.
Join us to discover how to cope with IoT security in an industrial and enterprise context beyond the ICS – IEC62443 perspective.
About : With over a decade of Trend Micro, Udo Schneider has a long experience within the Computer & Network Security market landscape in EMEA. Excellent knowledge of Trend Micro and Check Point products and technologies from a technical and product marketing perspective. As Security Evangelist, Udo has been guiding us throughout different cybersecurity challenges. Today, with a particular good understanding of the challenges related to industrial systems and IoT.
Session 10 : June 23th : Under Attack : working from home, remote users, Microsoft Teams and VPN’s. An overview of different attack vectors, by Kris Bijnens, Varonis.
Security Challenges of Remote Workers and MS Teams. A remote workforce is susceptible to all kinds of threats – from VPN brute force attacks, to APT’s, to malicious insiders. With the pressures of business continuity straining security controls, the potential for compromise is high – and hackers are taking advanExpertisee. Join us to hear about the top ways we’ve seen attackers target remote workforces and learn about what you can do to protect your organization.
About : Kris Bijnens is a seasoned Senior Security Engineer with a history as a Digital Forensic Analyst at NATO. Currently he serves as a Senior Security Engineer for Varonis Systems in Belgium, the Netherlands & the Nordics. With a demonstrated history as a strong military and protective service professional he has served in system and security architecture projects, project management, data security software deployment and operations and DFIR cases.
Session 9 : June 9th : Network Detection and Response (NDR), an ML – AI based answer to SIEM and incident detection and reponse, Stijn Rommens – Vectra.ai
Many different ways exist today to detect cybersecurity threats and challenges. Many of the techniques and solutions have been evolving over the last number of years, and with the prospect of evolving Artificial Intelligence and ML-techniques today available, new approaches have been industrialized and widely been accepted. Nearly a decade ago already, we presented the first approaches in our various events and activities. Two weeks ago, some approaches to AI were presented in an earlier webinar. Now we will investigate the role of NDR versus many different other techniques and technologies, where it differs and why companies should consider in migrating their SIEM and IDS/IPS towards a combined NDR / EDR perspective, and if your organisation already did, how you can further improve this.
About : With over 20 years of experience in network security industries, Stijn can talk about network security challenges, cloud and cybersecurity in general. Before joining Vectra, Stijn held various customer-facing roles at successful network security companies like Symantec, Elastica, ISS, Juniper Networks and Palo Alto Networks. His focus always has been on becoming a trusted advisor, technology expert and team leader to finally run a larger team in Europe enhancing business processes and optimizing the framework in which an SE can work have been important areas of attention for him. Last but not least, Stijn always has paid lots of attention to a clear and meaningful message, taking the total picture into account, both in front of a small group or a big audience.
Session 8 : June 2nd : 5G security use cases and how 5G can trigger new security businesses and opportunities – 5G Series part 4 – Zhang Feng, Manager Research Support Center China Mobile
5G entails new cybersecurity technique such as network virtualization and slicing and dicing. Different techniques inteneded to furter solidify mobile data and voice traffic. Buth 5G is also fast and unlocks new potential of many other use cases. Through this webinar, you will discover a detailed overview of the functioning of 5G Cybersecurity functionality, how 3GPP organization is defining high-demanding standard in terms of security, applicable to all telco vendors and a concrete example of key security features and approach implemented by one of the major telco vendors.
About : Zhang Feng, Ph.D., Professor-level senior engineer, is the manager of the Research Support Center of China Mobile ISC and vice-chairman of China Industrial Internet Industry Alliance security group. He has long been engaged in research and management of new cyber security technologies and security standardization, and has led the formulation of more than 20 international and domestic standards, such as ITU, ISO, and CCSA, he has applied for more than 40 patents, published more than 10 academic papers at important academic conferences such as IEEE and core periodicals in China.
(The video of this recording has not been made available publicly. It was decided that the contents should only be made available within the cybersecurity community, and not to be broadcasted broadly. Thanks for your comprehension.)
Session 7 : May 26th : can the real AI please stand up!, Ralf Benzmueller G DATA CYBERDEFENCE AG
Artificial Intelligence in cybersecurity as such is not just a smart solution to prevent digital fraud, it’s the answer to the future of human-machine secured transactions. Artificial intelligence techniques can be used to learn how to remove noise or unwanted data and to enable security experts to understand the cyber environment in order to detect abnormal activity. Ai can also benefit cybersecurity with automated techniques to generate whenever cyber threats are detected. Artificial Intelligence is able to analyze massive amounts of data and allow the development of existing systems and software in an appropriate way to reduce cyber attacks.Similarly, the implementation of AI for cyber security solutions will help to protect organisations from existing cyber threats and identify new types of malware. But AI techniques can equally be misled, using other AI engines and automation to unlock reactions from systems in order fo them to operate differently. G DATA has been using AI techniques already for a number of years. Ralf will show how this works, what can be expected for Security Operations and Cybersecurity analysts.
About : Ralf serves as the Head of Securitylabs of G DATA Software AG. Benzmüller and his team of experts are constantly fully up to speed with what new trends and subjects are occurring in antivirus research, in close cooperation with international IT security research institutes all over the world. His remit includes the identification, analysis and assessment of new attack scenarios plus the development of new, proactive protection concepts that effectively protect users from still unknown threats on the Internet. Ralf has worked for G DATA since 1999 and has also been a guest lecturer for the IT Security course at the International School of IT Security since 2008. He is a frequent speaker at LSEC events, partner with LSEC in joint research projects and supports the Belgian G DATA team in their technical developments.
Session 6 : May 19th :How do EU and Member States adopt a risk-based approach with the Toolbox in order to ensure a secure 5G deployment and operation – 5G Series part 3
Few months back, the European Commission has endorsed a joint toolbox of mitigating measures agreed by EU Member States to address security risks related to the rollout of 5G. One of the key objectives of these guidelines is to avoid the fragmentation within the EU regulations at Member States level. The webinar will be the opportunity to listen to both vendor and operator, explaining why it is fundamental that this harmonization rely on evidence and fact-based approach
About : Koen Claesen is an experienced security professional with a demonstrated history of working in the networking and telecommunications industry. Currently he is working at Huawei’s Cyber Security Center in Brussels, where he demonstrates Huawei’s cyber security practices and educates customers and key EU stakeholders on Huawei’s security implementation in key technologies such as 5G, Cloud and IoT ecosystems. Before, Koen was Information Security Officer at Proximus, Senior Security Architect at GE and Information Security Architect at Cisco. With his decades of experiences and technology insight, Koen has a solid technical background to guide through the various security technologies of 5G.
Already since a couple of years we’re seeing the evolution from 4G mobile networks to 5G technology. On March 31st 2020, Proximus announced its roll-out in Belgium. But due to rumours and some fake news linking 5G to Corona, some roll-out had to be postponed. In a series of webinars, we’ll providing some key insights on 5G, 5G use cases and the security benefits of 5G for security and for enterprise and industrial use over 4G.Consider how to integrate new, up and coming technologies in your evolving CyberSecurity policies, risk considerations for your mobile workers, your branches and your Industrial IoT equipment or other Smart network and infrastructure components. Think of how 5G security could enable new business opportunities facilitating in car telematics, 5G secured enterprise networks and private WANs.
Session 5 : Cyber Kill Chain in the 21st century, Think like a Hacker – Act Like a CyberSecurity Professional by Alain Sanchez, CISO EMEA Fortinet
How about taking the attackers point of view? Consider to think like a Hacker, take a look into how they approach your organization as a target, what would be the typical phases of the attack and better understand what type of defense tools at each phase can be used and their effectiveness. Get a better understanding on how to use these insights in how to better coordinate defense actions, the tools and the teams mastering them in an efficient way.
About : Alain Sanchez has 20 years of executive engagement experience in the Network and Telecommunications domain. Alain joined Fortinet as a CISO Evangelist from Huawei Global Consulting Department where he was in charge of the Digital Transformation Practice. Fortinet CISO evangelists advise the executive committees of Large Enterprises and Service Providers as their Digital Transformation strategies require security-driven networks and holistic security approaches. Alain held executive positions in Alcatel-Lucent, Accenture, BT-Global Services and Nortel. Alain Sanchez graduated from the University of Technology of Compiegne with a degree in Biological Engineering complemented by a Master degree in industrial processes and is based out of the Fortinet EMEA Headquarters in Sophia-Antipolis, France.
Session 4 : May 5th : What do Network Operators put in place to effectively manage future 5G security threats? by the Chief Security Office Orange Europe, Francois Zamora – 5G Series part 2
About : Francois has Telecom Engineering background. Chief Security Officer for the Europe division of Orange, he is in charge, in addition of his CSO duties of a multi-country security coordination work streams for the transformation of IT and Network (ITN). To anticipate the cybersecurity standardization consequences on architecture design and on operations requirements, Francois is Chair of the France mirror of the ISO/IEC JTC1 SC27, closely teaming with the European ecosystem. Before joining Orange’s Technology and Global Innovation, Francois was successively at Orange’s Group Security Department where he lead the global security management system for the Group, one of the Group’s pillars for security governance in its Europe.
Session 3 : April 28th : CyberSecurity Management from Home : Stalkerware
My wife is watching me: The spy inside all of us.During this lecture Eddy Willems will take you inside the dark world of some specific spyware: stalkerware. Why is stalkerware so special or isn’t it? Is this a new phenomenon? Eddy will guide you through the most common features of stalkerware. Is it easy to install? What are the differences between spyware and this kind of malware. How do the companies who create this software advertise themselves? Is it really legal? Eddy will show you a couple of examples. What are the technical challenges for the security industry? What can you do about it? What if your husband, wife, boyfriend, ex-lover or even father is using it against you? If you care about your privacy this lecture is a must. If you want to know more about spyware this lecture can open your eyes even more.
About : Eddy Willems is a known Belgian security expert. In 1989 he became interested in viruses due to an incident with the ‘aids-information’-diskette Trojan incident. His solution was well received in the Belgian media and businesses. In 1991 he became a founding member of EICAR (European Institute for Computer Anti-Virus Research). In 1995 he became a participant of Joe Wells’ Virus Wildlist. He wrote the “Virus Article” for the US Microsoft Encarta Encyclopedia edition 1997. In May 2005 Willems became a board member and the Director of Press and Information for EICAR. Since the beginning of 2010 he is working as Security Evangelist for the security company G Data Software AG. He is doing anti-malware and security research, consultancy, training and communication with press, distributors, resellers and end users. Eddy Willems often speaks at known security conferences like Virus Bulletin, EICAR, AVAR and others. He is also a recognized security media expert with experience in live tv ranging from local to international TV stations like CNN.
5G Session 1 : Overview of 5G technology, its security standard, example of Huawei’s security features and zero-trust approach, CS Session 2 : April 21st , 9AM CET by Yoann Klein/Koen Claesen
We are now seeing the first incarnations of 5G technology. It provides many capabilities that make it a preferred platform for the digitalized world. Solid security is one of the strengths of 4G networks but even more security and resilience are expected from 5G. So why is 5G secure ? How do experts from industry and standards organizations ensure that 5G security risks can be effectively managed in terms of security protocols and standards as well as security assurance mechanisms? Through this webinar, you will discover a brief overview of the functioning of 5G, how 3GPP organization is defining high-demanding standard in terms of security, applicable to all telco vendors and a concrete example of key security features and approach implemented by one of the major telco vendors.
Already since a couple of years we’re seeing the evolution from 4G mobile networks to 5G technology. On March 31st 2020, Proximus announced its roll-out in Belgium. But due to rumours and some fake news linking 5G to Corona, some roll-out had to be postponed. In a series of webinars, we’ll providing some key insights on 5G, 5G use cases and the security benefits of 5G for security and for enterprise and industrial use over 4G. Consider how to integrate new, up and coming technologies in your evolving CyberSecurity policies, risk considerations for your mobile workers, your branches and your Industrial IoT equipment or other Smart network and infrastructure components. Think of how 5G security could enable new business opportunities facilitating in car telematics, 5G secured enterprise networks and private WANs.
About : Yoann Klein, Senior Cyber Security Advisor, Huawei is part of the Huawei’s Global Cyber Security Privacy Office. Based at the Huawei Cyber Security Transparency Center in Brussels, he is focusing on 5G and IoT security areas. Prior to joining Huawei, Yoann has been working almost 15 years for major European companies in the defence and security industry, where he specialized in critical infrastructure protection. He started his career at Proximus in the security department before joining Airbus as technical solution manager, securing telco public safety networks in Benelux. In 2015, he joined Thales Belgium as Head of Cyber Security Engineering. His different experiences lead him to take technical authority roles in various demanding environments such as defense, public safety, aeronautics, space and transportation. Yoann is the holder of several recognized cyber certifications such as CISSP from ISC², GMON from GIAC and CRISC from ISACA.
About : KOEN CLAESEN, Senior Cyber Security Advisor, Huawei is an experienced security professional with a demonstrated history of working in the networking and telecommunications industry. Currently he is working at Huawei’s Cyber Security Center in Brussels, where he demonstrates Huawei’s cyber security practices and educates customers and key EU stakeholders on Huawei’s security implementation in key technologies such as 5G, Cloud and IoT ecosystems.
Session 1 : Current Threat landscapes under COVID-19 and managing investigations remotely, April 7th, 9AM with Bart Vanautgaerden from the Mandiant Incident response team and David Grout, CTO from FireEye
“LSEC from Home: Cybersecurity in Lockdown”
David Grout will be identifying The New Normal, our current real life in the field, remote working challenges, with examples and trends in the market. How do we relate best with our teams and join efforts all together in combatting cyber challenges? Do we need to change our risk attention, do we have to adapt to new emerging threats? Bart Vanautgaerden will provide us deeper insights how to manage investigations remotely, based upon experiences from Mandiant’s incident response perspective . As we adjust to the New Normal, what challenges are there to conduct investigations remotely, and how to overcome these.
Topic: LSEC Breakfast CyberSecurity Seminar