Home
About IRISS
Services
Subscribe
Sponsors
IRISSCON
Challenge
Media Coverage
Useful Links
Contact Us
RFC_2350
Privacy
Disclaimer


IRISSCERT Cyber Crime Conference

The 5th IRISSCERT Cyber Crime Conference will be held this year on Thursday the 21st of November 2013 in the D4Berkley Court Hotel, in Ballsbridge Dublin.  This is an all day conference which focuses on providing attendees with an overview of the current cyber threats facing businesses in Ireland and throughout the world and what they can do to help deal with those threats.

Experts on various aspects of cyber crime and cyber security share their thoughts and experiences with attendees, while a number of panel sessions will provide the opportunity to discuss the issues that matter most.

The conference is open to anyone with responsibility for securing their business information assets. There is a nominal fee of €25 per person attending to cover the costs of catering and other organisational expenses

The IRISSCERT Annual Conference is an opportunity to not only increase your knowledge but also to meet and network with your peers in a relaxed environment.

In parallel to the conference, IRISSCERT also hosts Ireland's premier Cyber Security Challenge. The Cyber Security Challenge allows Ireland's top cyber security experts to compete against each other in a controlled environment to see who will be the first to exploit weaknesses in a number of systems and declare victory. The purpose of the competition is to demonstrate how attackers could gain access to your systems and allow you to learn from the event on how to prevent such attacks from impacting your network.

Registration is now open here.

 

Agenda

Time

Speaker

Organisation

Topic

08:30

Registration

IRISS

Registration

09:00

Brian Honan

IRISS

Conference Opening

09:30

Jon McClintock

Amazon

Amazon-Scale Application Security

10:00

Billy Glynn

IEDR

DNS Security

10:30

Gadi Evron

Karspesky

Cyber Counter Intelligence An attacker-based approach with “honey controls”

11:00

COFFEE BREAK

COFFEE BREAK

COFFEE BREAK

11:30

Peter Warren

Cyber Security Research Institute

 

12:00

Jared Carstenten

Deloitte

Cybercrime in Ireland

12:30

Eoin Keary & Rahim Jina

BCC Risk Advisory

Building a shield of security - Vulnerability Management by the numbers and dumb robots!

13:00

LUNCH

LUNCH

LUNCH

14:00

Bob McArdle

Trend Micro

Who is really attacking ICS / Scada devices?

14:30

Dr Jessica Barker

JL Barker Limited

Cyber Security Attitudes and Behaviours: mind the generation gaps

15:00

Dr Andreas Moser

Google

Enterprise scale live forensics using the GRR Response Rig

15:30

COFFEE BREAK

COFFEE BREAK

COFFEE BREAK

16:00

Sean Newman

SourceFire

It's time to think differently... about security

16:30

Stephen Doherty

Symantec

An Overview of Targeted Attacks and the Threat Actors behind them

17:00

Brian Honan

IRISSCERT

Conference Close

17:30

Networking Event

Networking Event

Networking Event

 

Speaker Lineup

Dr Jessica Barker, Director, J L Barker Ltd

Dr Jessica Barker explores how individuals, institutions and societies interact with technology and information. With a focus on corporate governance and the knowledge economy, Jessica’s expertise is in the holistic, 'human' side of cyber security. An experienced interviewer and trainer, Jessica works with a variety of organisations and is known for her ability to engage with everyone from the most senior civil servants and FTSE100 boards to creative workers in small digital agencies.

Topic: Cyber Security Attitudes and Behaviours: mind the generation gaps
This presentation is based on primary research exploring the cyber security attitudes and behaviours of different generations. The paper explores the way different age groups understand the threats in cyber space and the extent to which age impacts how people behave online and are aware of cyber security. Recognising that an organisation is only as strong as its weakest link, and that no one size fits all, this research aims to inform those responsible for information security to be aware of, and mitigate against, generation gaps.

Mr. Peter Warren, Chairman at Cyber Security Research Institute

Peter is a freelance journalist specialising in technology, undercover investigations and science issues. He chairs the Cyber Security Research Institute www.crsi.info, an independent think tank and edits the Future Intelligence technology news website ww.futureintelligence.co.uk. His weekly radio show, PassWord with Peter Warren, reaches an audience of 300,000 on Resonance 104.4FM in central London and can be heard worldwide at www.resonancefm.com on Wednesdays and Sundays 1530-1600 GMT. Currently he is working on a report about machine to machine communication (M2M) for the EU website Netopia. The former technology editor of Scotland on Sunday and the Sunday Express and an associate producer for BBC2 TV, he has worked across a variety of media - including the Guardian, the Daily Mirror, Evening Standard, the Sunday Times, the Sunday Express, Sunday Business, Channel 4, Sky News, the BBC and specialist magazines. He has also advised a number of PR agencies on their technology clients. In 1996 Peter was runner-up in the UK Press Gazette Business Awards for Technology Scoop of the Year. A guest speaker on Technology Ethics to the European Union’s Information Society Technologies conference in Helsinki, Peter is an acknowledged expert on computer security issues.

In 2006, Peter won the BT IT Security News story of the year prize for his work exposing the practice of discarding computer had drives containing sensitive business and personal data.

In 2007, Peter won the IT Security News story of the year prize again for work done with Future Intelligence showing that Chinese hackers had broken into the UK Houses of Parliament.

In 2008 Peter won the BT Enigma Award for services to technology security journalism.

Mr Gadi Evron, VP Cybersecurity Strategy at Kaspersky Labs.

Gadi is widely recognized for his work in internet security operations, considered the first botnet expert. He specializes in corporate security, cyber intelligence and cyber crime. He previously led the PwC Cyber Security Center of Excellence, located in Israel. Prior to that Gadi was CISO for the Israeli government Internet operation, founder of the Israeli Government CERT and is a research fellow at the Yuval Ne`eman Workshop for Science, Technology and Security, at Tel Aviv University, working on cyber warfare projects. Gadi authored two books on information security, organizes and chairs worldwide conferences, and if a frequent lecturer.

Topic: Cyber Counter Intelligence An attacker-based approach with “honey controls”


Eoin Keary - BCC Risk Advisory / OWASP

Eoin is international board member and vice chair of OWASP, The Open Web Application Security Project (owasp.org), and during his time in OWASP he has lead the OWASP Testing and Security Code Review Guides and also contributed to OWASP SAMM, and the OWASP Cheat Sheet Series.
Eoin is a well-known technical leader in industry in the area of software security and penetration testing, and has led global security engagements for some of the world's largest financial services and consumer products companies. He was a senior manager, responsible for penetration testing in EMEA for a “big 4” professional services firm for 4.5 years. He is the CTO and founder of BCC Risk Advisory Ltd (bccriskadvisory.com) an Irish company who specialise in secure application development, advisory, penetration testing, Mobile & Cloud security and training.
Eoin has delivered security training and talks for OWASP to over 600 developers in the past year including events such as RSA (2013), RSA Europe, OWASP EU (2013), OWASP Dublin 2013.

Rahim Jina - BCC Risk Advisory / OWASP

Rahim is a member of OWASP and has contributed to many open source security projects over the past 8 years such as the OWASP Testing and Security Code Review Guides and also OWASP SAMM. Previously Rahim was a senior consultant at a “big 4” professional services for and the head of security for a large VoIP/IPT company in Los Angeles, USA and now works as the Director of information security for BCC Risk Advisory (bccriskadvisory.com). His is also responsible for the security architecture of the edgescan.com vulnerability management solution.

Topic: Building a shield of security - Vulnerability Management by the numbers and dumb robots!
This presentation discusses how builders, breakers and defenders should look at vulnerability management when attempting to keep hackers at bay……
We shall discuss the most common vulnerabilities which are not detected by security tools and automation but nevertheless they are very common and can be used to commit real fraud or financial loss.
We shall discuss real statistics and examples from the trenches in relation to how common such vulnerabilities are found, the impact and how we mitigate them.
Let’s discuss business logic and authorisation testing, how to approach and why automation does not work to detect such critical issues.
Why Web Application firewalls are ineffective against such attacks and why the only real solution is focusing on the application as a logical state machine.
The presentation leverages items such as the OWASP Top 10 and Eoin Keary & Jim Manicos (OWASP Global Board Members) international training.
 

Robert McArdle EMEA Manager, Forward Looking Threat Research - Trend Micro


Robert is currently working as the manager of Trend Micro's Forward Looking Threat Research team in Europe, where he is involved in analyzing the latest malware threats, specializing in researching the future threat landscape, Open Source Intelligence (OSINT) and coordinating investigations with international law enforcement. Robert is a regular presenter for the press and at security conferences. He also lectures in Malware Analysis and Cybercrime Investigations on MSc modules at Cork IT and UCD, and is a trainer for several SANS qualifications. He worries that his hobby and job are one and the same, and constantly wonders if "normal" people have that problem. He enjoys long walks on the beach, puppies, and Guinness.

Topic: Who is really attacking ICS / Scada devices?

ICS and SCADA have become two major buzzwords on the security landscape over the last year or two due to Stuxnet, Flame, and several other threats and attacks. In some ways the entire SCADA industry suddenly woke up to the scale of insecurities in systems that are responsible from everything from supplying our power, to protecting human lives.
As a result a lot of research has been done over the same period into just now easily an attacker can gain controls of such systems, and the sort of damage they can carry out when they do. Even for a control panel of a system supplying water to a whole town, its very possible that it is accessible from the internet with a login of admin and a password of 123456 (if there is a password at all)
In this talk we will look at some of those issues - but even more so we will look at WHO is attacking these systems. Based on research Trend Micro has carried out over the last number of months we have gained very valuable insight into the sorts of people who are carrying out these attacks, and results are often surprising.

Sean Newman, Field Product Manager, Sourcefire

Sean is the Field Product Manager for Sourcefire, now part of Cisco, in EMEA, responsible for bringing Sourcefire solutions to market and ensuring they meet the regional requirements. Having worked as an Engineer and a Product Manager in the Security and Networking industry for over sixteen years, his extensive experience enables him to effectively address the latest information security challenges.

Topic: It's time to think differently... about security
 

Dr. Andreas Moser, Senior Security Software Engineer, Google Inc.

Andreas Moser is currently a Senior Security Software Engineer at Google Inc. where he develops enterprise forensics tools like the GRR Response Rig. Before his engagement at Google, Andreas obtained a PhD in computer security from the Vienna Technical University for his research on Internet security and dynamic analysis of malicious code. In his free time he likes to tamper with code and plays in the occasional capture the flag contest.

Topic: Enterprise scale live forensics using the GRR Response Rig

In order to perform sound digital forensics investigations in today’s environments, it is no longer sufficient to simply unplug a computer and evaluate it later - an investigator has to know how to perform volatile memory analysis to properly capture all available evidence. However, acquiring memory snapshots and delivering them through the network to an analyst is a tedious process and does not scale very well to enterprise sized networks due to the sheer size of such images.

In this talk, I will show how GRR Rapid Response (GRR, https://code.google.com/p/grr/) - an advanced open source distributed enterprise forensics system - can be used to tackle this problem by enabling an analyst to perform live digital forensics on enterprise network scale.

I will first give an overview on how GRR can be used to effectively analyze large networks by applying basic digital forensics capabilities like searches for digital artifacts (i.e, suspicious files or registry keys) concurrently to all machines in an enterprise network. I will show some of the key forensics features we have built into GRR like Sleuthkit integration which allows raw disk investigation and elaborate on the system's live memory analysis features. I will demonstrate how GRR can be utilized to run the Volatility framework on live memory of a machine under investigation instead of a static disk image which enables the fleet wide search for evidence directly in memory. I will also explain some of the general stability and performance issues that arise when large scale live forensics systems are used and how GRR overcomes those problems.

This should give a very thorough view of how this analysis system works and how it can be deployed to enable those investigative capabilities in your enterprise network using only free open source

Mr. Jared Carstensen, Enterprise Risk Services, Deloitte Ireland

Jared Carstensen is an internationally recognised Information Security professional with extensive experience in Information Security Audits, Data Protection & Privacy, Cyber Security, Cyber Crime, Cloud Computing, ISO 27001 (Implementation and Auditing), Business Continuity (BS 25999), Forensic Investigations, Technical and Security Compliance Requirements, and International Best Practice.

Jared is currently the Chairman of the (ISC)2 Ireland Chapter, and is a regular contributor to the international Information Security community including the International Information Systems Security Consortium (ISC)2, Information Systems Audit and Control Association (ISACA), British Standards Institute (BSI) and the Cloud Security Alliance (CSA). Jared is an (ISC)2 educational item writer, and material developer for the internationally recognized SSCP and CISSP credentials, and a regular contributor to publications such as SC Magazine and PenTest Magazine. Jared has spoken at over 100 events globally, including various keynote addresses and guest panel invites.

Mr. Jon McClintock, Manager Application Security, Amazon

Jon McClintock has spent 8 of the past 10 years at Amazon, working on various efforts to improve the security of Amazon's software. He can teach you how to ride a motorcycle, take a picture, climb anything, bake a pie, jump out of a helicopter, make music, or juggle clubs. He can tell you how  to take a boat to Antarctica, a train across Sieria, or a camel to the Sahara. But the most important thing you can learn from him is how to protect customer data.

Topic Amazon-Scale Application Security

Traditional application security involves hands-on deep dives at multiple stages of the development process. When properly applied, this is effective at making software reasonably secure. But how does this approach scale to a large enterprise where thousands of developers are innovating every day? In this talk, we will explore the processes and approaches that work to ensure the software that powers the world's largest online retailer is secure.

     Stephen Doherty , Security Response Manager/Threat Intelligence Analyst, Symantec

Stephen works in Symantec's Attack Investigations Teams as a senior threat intelligence analyst. Stephen's role is to investigate high profile incidents and to perform longer term research into some of the more significant threats and sophisticated attacks seen in the field. Stephen studied Electronic Engineering in UCD and then did a Masters in Security & Forensic computing in DCU.

Topic - An Overview of Targeted Attacks and the Threat Actors behind them.

Mr. Billy Glynn, Principal Researcher, IEDR
 

Billy Glynn is Principal Researcher in the IE Domain Registry Limited (IEDR), the company which operates and manages dot IE. During his twelve year career at the company Billy has been instrumental in the automation of mission-critical business systems and registration services for the local Internet community. In particular, he has managed and led the development of DNS security extensions for the dot IE country-code top level domain. Previously he led the development of secure automated interfaces for accredited registrars (IE API), which was a major enabler of the volume growth of the .ie namespace over that period.

Billy is responsible for applied research in the area of internet protocol developments with a specific focus on DNS and DNSSEC. Billy has previously presented at HEAnet, SATIN (Securing and Trusting Internet Names), IRISSCON and IIA conferences.



Topic: DNS Security

 

Sponsors

Thanks to the generosity of our sponsors IRISS is able to host this event. The following organisations kindly lent their support to our conference;

 

 

MEDIA SPONSORS


Help Net Security has been a prime resource for information security news since 1998. The site is updated daily with fresh content including interesting articles, information on new product releases, latest industry news and more. Besides reading daily news coverage, you can download all of the issues of our digital (IN)SECURE Magazine.

 

Should you or your company be interested in sponsoring the upcoming event or sponsoring IRISS please send an email for info@iriss.ie for our sponsorship pack.


Home ] About IRISS ] Services ] Subscribe ] Sponsors ] [ IRISSCON ] Challenge ] Media Coverage ] Useful Links ] Contact Us ] RFC_2350 ] Privacy ] Disclaimer ]