IRISSCERT
Cyber Crime Conference
The IRISSCERT Cyber Crime Conference will be held
this year on Wednesday the 23rd of November 2011 in the D4 Berkeley Court Hotel,
Ballsbridge, Dublin. This is an all-day conference which focuses on
providing attendees with an overview of the current cyber threats facing
businesses in Ireland and throughout the world, and on what they can do to deal
with those threats.
Experts on various aspects of cyber crime and
cyber security will share their thoughts and experiences with attendees, while a
number of panel sessions will provide the opportunity to discuss the issues that
matter most.
The conference will be open to anyone with the
responsibility for securing their business information assets. There is no
charge for those who wish to attend.
The IRISSCERT Annual Conference is an
opportunity to not only increase your knowledge but also to meet and network
with your peers in a relaxed environment.
In parallel to the conference, IRISS also
hosts Ireland's premier cyber security challenge,
HackEire, which identifies
Ireland's top cyber security experts: competitors race, in a
controlled environment, to be the first to exploit weaknesses in a
number of systems and declare victory. The purpose of the
HackEire competition is to
demonstrate how attackers could gain access to your systems, so that you can
learn from the event how to prevent such attacks from impacting your network.
If you are interested in attending please
register here.
Speaker Lineup
Keynote Speaker
- Mikko Hypponen - Chief Research Officer - F-Secure
Mikko Hypponen is based in Helsinki,
Finland. He has been analysing computer viruses for more than 20 years. He
has written on his research for publications such as Scientific American,
New York Times and CNN.com. According to information leaked by Wikileaks,
the US Government has classified Mr. Hypponen as an Infosec Rock Star (true
story). He's also the oldest child genius on the planet. And every time he
swims, dolphins appear.
Topic: Memoirs of a Data Security
Street Fighter
From Brain.A to Stuxnet: we've been
fighting PC viruses for 25 years now. What was once an annoyance has become
a sophisticated tool for crime and espionage. Mikko Hypponen tells us how we
got into this mess and shows the way out.
Rik Ferguson - Director Security
Research & Communication EMEA - Trend Micro
Rik Ferguson brings more than seventeen
years of security technology experience to his role as Director of Security
Research & Communications at Trend Micro. In this position, Rik is actively
engaged in research into online threats and the underground economy. He also
researches the wider implications of new developments in the Information
Technology arena and their impact on security both for consumers and in the
enterprise, contributing to product development and marketing plans. Rik
writes the Countermeasures blog and is the lead spokesperson for Trend
Micro. He is often interviewed by the BBC, CNN, CNBC, Channel 4, Sky News
and Al-Jazeera and quoted by national newspapers and trade publications
throughout the world. Rik also makes a regular appearance as a presenter at
global industry events. Remaining actively engaged in customer projects, Rik
tries to ensure his views and areas of research reflect the security
concerns as experienced by enterprises and individuals as they come to grips
with new technologies. In April 2011 Rik was formally inducted into the
InfoSecurity Hall of Fame.
Prior to assuming his current role, Rik
served as Solutions Architect at Trend Micro. Previously, he served as
Security Infrastructure Specialist at EDS where he led the security design
work for government projects related to justice and law enforcement and as
Senior Product Engineer at McAfee focused on network security, intrusion
prevention, encryption and content filtering.
Topic: Developing a Robust Security
Architecture for the Cloud
As enterprises and governments accelerate
their deployment of virtual environments and adoption of cloud technologies,
a radical rethink of security architecture and mindset is needed.
Virtual and cloud environments offer huge gains in productivity and
agility, but also introduce new risks and vulnerabilities which may have
had no analogue in the physical data centre.
This presentation will examine new threats
to cloud infrastructure, explore the associated risks and propose a new way
of conceiving robust enterprise security architecture without sacrificing
the gains in performance and agility that are driving this migration.
Dale Pearson - Founder - Subliminal Hacking
Dale Pearson is a passionate information
security professional with over 8 years' experience in IT security, and over
12 years in the IT industry. He has been exposed to and works in a wide
range of security areas, such as security and risk consulting, policy and
compliance, penetration testing, social engineering, forensics, incident
response, and awareness training. Dale is the founder of
subliminalhacking.net, where he blogs about social engineering, body
language, influence skills, hypnosis, and other skills that improve success as
a social engineer. He is also one of the hosts of the
Eurotrash
Security Podcast.
Topic : Slipping In - You Won't Feel A
Thing
People are becoming more familiar with the
term social engineering, but do people really understand the process a
social engineer would take to gain access to their corporate assets?
Social engineering can often be the
catalyst of a sophisticated hack; the HBGary and RSA hacks are the
most recent to make the headlines, costing the companies millions of
dollars.
In this talk we shall go through the high
level steps and information used by a social engineer to gain entry and
steal those corporate assets from right under your nose. We will discuss the
reconnaissance and information gathering process, how to build important
relationships, creating the right level of influence, gaining access,
identifying the assets and finding the nearest exit.
Robert McArdle - Manager EMEA Forward
Looking Threat Research - Trend Micro
Robert is currently working as the
manager of Trend Micro's Forward Looking Threat Research team in Europe,
where he is involved in analysing the latest malware threats,
specialising in researching the future threat landscape and the criminal
underground. Robert is a regular presenter for the press and at security
conferences. He also wrote, and lectures on, an MSc module in Malware
Analysis at Cork IT, and is a trainer for several SANS qualifications. A
graduate of Trinity and DCU, he holds several qualifications from SANS
and serves on the SANS advisory board.
Topic: HTML5 - A Whole New Attack
Vector
HTML5 opens up a wide and wonderful
new world for web designers to explore, bringing fantastic new features
that were previously only possible via Flash or horribly
over-complicated JavaScript. And HTML5 is not a future technology:
chances are your favourite browser already has excellent support built
in (unless you are still using IE).
In this talk we will look at HTML5
from an attacker's viewpoint. Because not only does HTML5 bring us the
semantic web, editable content, inbuilt form validation, local storage,
awesome video support and the long overdue death of <div>, it also
opens up a host of new opportunities for attackers.
We'll look at some of the troublesome new
attacks that the HTML5 standard introduces, how attackers can
leverage these attacks to cause untold havoc on your machine, and how,
with a little bit of help from some not so over-complicated JavaScript,
we can build botnets in your browser!
Ryan Jones - Managing Consultant, Incident
Response EMEA - Trustwave SpiderLabs
Ryan Jones currently leads the
SpiderLabs Incident Response Team in EMEA. The team commonly manages
data compromises related to cardholder data but are also regularly
involved in other projects such as ATM compromises and data breaches
caused by internal staff. The Incident Response team also carry out
proactive engagements to ensure that customers have an effective
incident response plan; drawing upon extensive knowledge of how it goes
wrong in real data security breaches to improve companies’ approach to
Incident Response.
During his incident response career
Ryan has worked for both UK national law enforcement and private
companies. He has been involved with both criminal and corporate
investigations with scope ranging from a single mobile telephone to
multinational networks. For the past 4 years, Ryan has been a corporate
first responder involved with a wide variety of businesses from small
companies to multinationals during times when they have been struggling
to react to a rapidly changing data compromise situation. Ryan firmly
believes that a consultative approach coupled with the appropriate
technical knowledge is key to successful incident response engagements.
Ryan graduated from the University of
Kent with a First Class BSc in Computer Science. He is also a PCI QSA.
In his spare time he can be found skydiving at various dropzones around
the country.
Topic: Forensic
Readiness – Give your investigators a fighting chance
Investigators are often faced with
poorly configured systems which thwart the investigative process. This
commonly leads to incident response reports with fragmented
timelines of attack, and leaves risk managers having to make difficult
decisions based on incomplete information.
Companies that consider Forensic
Readiness put their investigators in a much stronger position and can
expect considerably more accurate outcomes from a forensic
investigation.
This talk looks at the same web
application attack, carried out on systems with differing audit
controls. The first system has ‘out of the box’ logging and the second
has had logging improved through a Forensic Readiness process carried
out before the attack.
We approach the machines as an
Incident Response Specialist would and compare the evidence stores and
the ability of the investigators to make accurate conclusions based on
the evidence available. We will look at the contrasting final reports
which are produced with the differing levels of forensic evidence,
highlighting the decisions that have to be made based on the varying
level of detail provided in the reports.
Someone for whom forensic investigation
of web application exploits is a new topic will gain an understanding of
some of the forensic techniques possible, whilst attendees who already
have some forensic investigation knowledge will see how forensic
readiness can have a massive effect on the outcome of investigations.
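The comparison described above, as an added example that is not from the talk or from Trustwave SpiderLabs: the same SQL-injection probe as it appears in Apache's stock 'common' access-log format and in an assumed forensic-ready LogFormat that adds Referer, User-Agent, the proxy-supplied X-Forwarded-For address, the service time and mod_unique_id's request id. The log lines, the reverse proxy at 10.0.0.5, the client address 203.0.113.77, the user agent and the request ids are all constructed for this example; the LogFormat directives themselves are standard Apache ones. The script parses both evidence stores and lists what an investigator can assert from each and what remains unknowable.

```python
"""Added example (not from the talk): the same SQL-injection probe as seen in
an Apache 'common' access log and in an assumed forensic-ready LogFormat, and
what an investigator can and cannot conclude from each. All log lines are
constructed."""
import ipaddress
import re

# Apache LogFormat strings. The first is Apache's stock 'common' format; the
# second is an assumed forensic-ready format that adds Referer, User-Agent, the
# proxy-supplied client address, the service time (%D, microseconds) and
# mod_unique_id's per-request identifier.
COMMON_FORMAT = '%h %l %u %t "%r" %>s %b'
FORENSIC_FORMAT = ('%h %l %u %t "%r" %>s %b "%{Referer}i" "%{User-Agent}i" '
                   '"%{X-Forwarded-For}i" %D %{UNIQUE_ID}e')

COMMON_RE = re.compile(
    r'(?P<host>\S+) \S+ (?P<user>\S+) \[(?P<time>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<path>\S+) (?P<proto>[^"]+)" (?P<status>\d{3}) (?P<bytes>\S+)')
FORENSIC_RE = re.compile(
    COMMON_RE.pattern +
    r' "(?P<referer>[^"]*)" "(?P<ua>[^"]*)" "(?P<xff>[^"]*)" (?P<usec>\d+) (?P<reqid>\S+)')

# Constructed sample: a web server behind a reverse proxy at 10.0.0.5, probed
# with a classic ' OR 1=1-- payload, followed by a large export download.
COMMON_LINES = [
    '10.0.0.5 - - [23/Nov/2011:09:14:02 +0000] "GET /login.php HTTP/1.1" 200 1824',
    '10.0.0.5 - - [23/Nov/2011:09:14:09 +0000] "GET /products.php?id=1%27%20OR%201%3D1-- HTTP/1.1" 200 91233',
    '10.0.0.5 - - [23/Nov/2011:09:14:31 +0000] "GET /admin/export.php HTTP/1.1" 200 4402811',
]
FORENSIC_LINES = [
    '10.0.0.5 - - [23/Nov/2011:09:14:02 +0000] "GET /login.php HTTP/1.1" 200 1824 '
    '"-" "sqlmap/1.0-dev" "203.0.113.77" 1832 TsyYBH8AAAEAAFzLAXcAAAAA',
    '10.0.0.5 - - [23/Nov/2011:09:14:09 +0000] "GET /products.php?id=1%27%20OR%201%3D1-- HTTP/1.1" 200 91233 '
    '"-" "sqlmap/1.0-dev" "203.0.113.77" 240915 TsyYCX8AAAEAAFzLAXgAAAAB',
    '10.0.0.5 - - [23/Nov/2011:09:14:31 +0000] "GET /admin/export.php HTTP/1.1" 200 4402811 '
    '"http://shop.example/products.php?id=1" "sqlmap/1.0-dev" "203.0.113.77" 3120077 TsyYH38AAAEAAFzLAXkAAAAC',
]

# A quote (raw or URL-encoded) followed by a SQL keyword: crude, but enough here.
SQLI_MARKER = re.compile(r"(%27|')(%20|\s)*(or|union|and)\b", re.I)
RFC1918 = [ipaddress.ip_network(n) for n in ('10.0.0.0/8', '172.16.0.0/12', '192.168.0.0/16')]


def present(value):
    """Apache writes '-' for an absent field; a missing key means the format never logged it."""
    return value not in (None, '', '-')


def parse(lines, pattern):
    entries = []
    for line in lines:
        m = pattern.match(line)
        if m is None:
            raise ValueError('line does not match LogFormat: ' + line)
        entries.append(m.groupdict())
    return entries


def summarise(entries):
    """What this evidence store lets an investigator assert about the attack."""
    probes = [e for e in entries if SQLI_MARKER.search(e['path'])]
    forwarded = {e['xff'] for e in entries if present(e.get('xff'))}
    return {
        'client_addresses': sorted(forwarded or {e['host'] for e in entries}),
        'address_is_proxy_hop': not forwarded,
        'sqli_probes': [e['path'] for e in probes],
        'user_agents': sorted({e['ua'] for e in entries if present(e.get('ua'))}),
        'probe_request_ids': [e['reqid'] for e in probes if present(e.get('reqid'))],
    }


def evidence_gaps(summary):
    """Conclusions the investigator cannot reach with this level of logging."""
    gaps = []
    if summary['address_is_proxy_hop'] and all(
            any(ipaddress.ip_address(a) in net for net in RFC1918)
            for a in summary['client_addresses']):
        gaps.append('only the proxy address was logged: the real client is unknown')
    if not summary['user_agents']:
        gaps.append('no User-Agent: cannot tell an attack tool from a browser')
    if summary['sqli_probes'] and not summary['probe_request_ids']:
        gaps.append('no request id: probes cannot be joined to application or database logs')
    return gaps


if __name__ == '__main__':
    for name, lines, pattern in (('common', COMMON_LINES, COMMON_RE),
                                 ('forensic', FORENSIC_LINES, FORENSIC_RE)):
        s = summarise(parse(lines, pattern))
        print(name, s, evidence_gaps(s), sep='\n  ')
```

Run stand-alone, the 'common' store yields three gaps (the real client address, the tool used, and any way to join the probe to application or database logs), while the forensic-ready store yields none; the attack is identical, only the audit configuration differs. The same idea extends to request bodies (a mod_security audit log, since POST payloads never reach the access log) and to application-side logging, which a stock install does not give you either.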
David Rook - Security Analyst - Realex
Payments
David works as a Security Analyst for
Realex Payments in Dublin. He is a contributor to several OWASP projects
including the code review guide and the Cryptographic Storage Cheat
Sheet. He has presented at leading information security conferences
including DEF CON, SecurityBSides Las Vegas and RSA Europe. In addition
to his work with OWASP David created a security resource website and
blog called Security Ninja (http://www.securityninja.co.uk).
In 2010 the Security Ninja blog was
nominated for five awards including the best technology blog at the
Irish Blog Awards, the Computer Weekly IT Security blog award and was a
finalist for the Irish Web Awards Best Technology Site. The website has
an international audience with visitors from over 140 countries. David
has recently become one of the first mentors in the Information Security
Mentors project, helping young people progress their information security
careers.
Topic: Agnitio: the
security code review Swiss army knife
Teaching developers to write secure
code, helping security professionals find security flaws in source code,
producing application security metrics and reports with integrity checks
and audit trails. If you want to implement an SDLC that produces secure
software with the audit trails and reports frequently demanded by
auditors and management you need to acknowledge that these are key
constituents and implement them in a form that is both easy to
understand and use.
This is far easier to talk about than
it is to implement in the real world where well structured SDLC’s are
rare and application security programmes are usually under funded.
Working with developers, security professionals and management to
cultivate an environment where secure code is written and flaws found
consistently requires both time and money. The same can be said for
producing informative reports and metrics when all of your security code
review data resides in notepad, Word and Excel files. With these
problems in mind I developed Agnitio to be my security code review Swiss
army knife and released it as a free tool in late 2010.
In this demonstration-filled talk I
will show how Agnitio can be used to address repeatability, integrity
and audit trail concerns by requiring the creation of application
profiles, the use of a security code review checklist consisting of over
60 application security questions and mandatory integrity checks for
reviews and reports created using the tool. I will demonstrate how the
inbuilt secure coding and security code review guidance modules allow
developers and security professionals to access the information they
need precisely when they need it. I will also show how Agnitio
automatically creates metrics and reports bringing much needed
visibility to the security code review process with no extra effort
required from the reviewer, developers or management.
Agnitio v2.0 will be demonstrated during
this talk which will show how Agnitio’s already powerful feature set has
been expanded to include more secure coding and security code review
guidance, additional report types, developer and reviewer focused
metrics and an automated source code analysis module.
Hugh Jones - Data Protection Specialist at
Longstone Management Ltd.
Hugh Jones is a certified Data
Protection Practitioner, offering specialist advice to organisations
striving to achieve and maintain data protection compliance.
He helps organisations to design and deploy appropriate privacy policies
and procedures, and speaks regularly at Data Protection and Information
Management events
Topic: Data Protection Breach
Crisis Management
In today's world of instant 'trial by
media', by the time the management of an organisation realises that they
have a DP crisis, the brand has already been impacted. This topic is
about classical Risk Management - identification of the threats,
preparation for the risk event, mitigation of the risk impact, and
management of the resolution. The presentation will look at some recent
DP crises, how they were (mis)managed, and the challenge of recovering
the Brand.
- Recognising a Crisis - criteria
for consideration
- Preparation - scripts, templates,
roles and responsibilities
- The risk of CHAOS - (Chief Has
Arrived On Site)
- Mandatory and Regulatory
reporting obligations
- Avoid digging a deeper hole
- Demonstrating a return to
stability
- The importance of "Lessons
Learned"
Stephen Bonner - Partner - KPMG
Stephen Bonner is a Partner in the
Information Protection team at KPMG where he leads a team focused on
Financial Services. Before KPMG he was Group Head of Information Risk
Management at Barclays. He was inducted into the InfoSec "Hall of Fame" in
2010 and was number 1 on the SC/ISC2 'Most Influential 2010' list. He ran
the London Marathon in 2011, raising over £15k for Whitehat/Childline.
Eoin Keary - OWASP - BCC Risk Advisory
Eoin Keary is vice chairman of the OWASP
Foundation and member of the OWASP board since 2009.
He is the founding director & CTO of BCC Risk Advisory, specialising in
software security development, training and testing. Eoin lives in Ireland
and works across Europe for BCC Risk Advisory. He has dedicated much of his
professional career to solving software insecurity issues and believes in
“building security in”.
Eoin has been with OWASP since 2004. During this time he has been involved
in the following projects: OWASP Code Review Guide (lead), OWASP Testing
Guide v2.0 (lead), OWASP SAMM, OWASP ASVS, OWASP Ireland Chapter Lead, OWASP
AppSec Europe 2011 Chair.
Eoin has 2 children (Eoghan & Lewis) and a lovely wife, Louise. In his spare
time he likes filling out forms and weighing things.
Topic : Mobile application security:
Risk in my pocket/When did you last lose your desktop?
Modern mobile applications run on mobile
devices that have the functionality of a desktop or laptop running a general
purpose operating system. Many of the risks associated with mobile apps are
similar to those of traditional trojan software, malware and insecurely
designed apps. But mobile devices are not just small computers. Mobile
devices are designed around personal and communication functionality which
makes the top mobile applications risks different from the top traditional
computing risks. When did you last lose your desktop?
In this talk Eoin shall give an overview
of the risks to mobile applications and devices branching into the most
common risks and issues associated with mobile devices today.
Eoin shall also cover how security review
is performed on mobile devices and how it differs from a traditional web
application review.
Sponsorship
Thanks to the generosity of our
sponsors IRISS is able to
host this event free of charge to the attendees. The following organisations
have kindly lent their support to our conference;
Realex
Payments is a leading European online payment gateway, providing a range of
payment processing services for businesses selling online. The company has
experienced year on year growth since its foundation in 2000. It is currently
expanding both its product set and the regions into which it sells, and
has over 90 staff. Our vision and values were developed by our staff
in 2008; they determined that our vision would be "To be a highly innovative
payment services business that continually adds value, where our customers are
advocates and our people love to excel".

MEDIA SPONSOR
Help
Net Security has been a prime resource for information security news since
1998. The site is updated daily with
fresh content including interesting articles, information on new product
releases, latest industry news and more. Besides reading daily news coverage,
you can download all of the issues of our digital
(IN)SECURE Magazine.
Should you or your company be interested in
sponsoring the upcoming event or sponsoring IRISS, please send an email to
info@iriss.ie for our sponsorship pack.
Past Events
Our first annual cyber crime conference was
held in 2009. The event was a great success. An overview of the event can be
found here.