Check out the IRISSCON 2019 Date and Venue, Speaker Lineup, Agenda and Conference Sponsors below.
The IRISSCERT Cyber Crime Conference (IRISSCON) will be held this year on Thursday the 21st of November 2019 in the Ballsbridge Hotel, Pembroke Road, Dublin. This is an all-day conference which focuses on providing attendees with an overview of the current cyber threats facing businesses in Ireland and throughout the world and what they can do to help deal with those threats.
Experts on various aspects of cyber crime and cyber security share their thoughts and experiences with attendees, while attendees will also have the opportunity to network with likeminded individuals.
The conference is open to anyone with responsibility for securing their business information assets. There is a nominal fee of €50 per person attending to cover the costs of catering and other organisational expenses.
An annually held conference, IRISSCON is an opportunity to not only increase your knowledge but also to meet and network with your peers in a relaxed environment. Here is a video giving an overview of IRISSCON.
In parallel to the conference, IRISSCERT also hosts Ireland's premier IRISSCON Cyber Security Challenge. The challenge allows Ireland's top cyber security experts to compete against each other in a controlled environment to see who will be the first to exploit weaknesses in a number of systems and declare victory. The purpose of the competition is to demonstrate how attackers could gain access to your systems and allow you to learn from the event on how to prevent such attacks from impacting your network.
Checkout the IRISSCON 2019 Date and Venue, Speaker Lineup, Agenda and Conference Sponsors below.
Date: Thursday, 21st November 2019
Venue: Ballsbridge Hotel, Pembroke Road, Dublin
Go to Top>>
Time |
Speaker |
Organisation |
Topic |
|
08:30 |
Registration |
IRISS |
Registration |
|
09:00 |
Gordon Smith |
MC |
Conference Opening |
|
09:10 |
Brian Honan | Head of IRISSCERT | IRISSCERT Year in Review & Key Threats to Ireland |
|
09:30 |
Carmel Somers | ICT Skillsnet; | Technology Ireland ICT Skillnet |
|
10:00 |
Graham Cluley | Award-winning security blogger, researcher, podcaster, and public speaker | Not all Cyber Criminals are Evil Geniuses |
|
10:30 |
Jelena Milosevic | Paediatrician and ICU Nurse | TBC |
|
11:00 |
COFFEE BREAK |
COFFEE BREAK |
COFFEE BREAK |
|
11:30 |
Raj Samani | Chief Security Officer – McAfee | A step-by-step guide to cooking crab |
|
12:00 |
Emma Heffernan | Student & Part Time Security Analyst | Are Humans a Vulnerability? |
|
12:30 |
Kirils Solovjovs | Lead Researcher at Possible Security | Patches will fail us. The future of IT defence |
|
13:00 |
LUNCH |
LUNCH |
LUNCH |
|
14:00 |
Mick Moran | Garda Liaison officer in France, An Garda Síochána | They're all wan&*ers - a look at the role of masturbation in online offending - NSFW |
|
14:30 |
Alex Hutton | Technology Executive over the Application Defense and Cybersecurity Analytics teams in Bank of America’s Cybersecurity Defense Function | UTHE FUTURE IS PURPLE - What Simon Wardley, Brad Pitt, MITRE ATT&CK, and Purple Teaming can teach us about the next 10 years of Information Security. |
|
15:00 |
Dan Raywood | Deputy Editor Infosecurity Magazine | State of Cybersecurity Report - Extended Play |
|
15:30 |
COFFEE BREAK |
COFFEE BREAK |
COFFEE BREAK |
|
16:00 |
Jenny Radcliffe | The People Hacker | A Social Engineers guide to Deception - understanding how humans lie. |
|
16:30 |
Dave Lewis | Global Advisory CISO, Duo Security | Trust And Bonfire Of The Profanities |
|
17:00 |
Conference Close & Networking Event |
Conference Close & Networking Event |
Conference Close & Networking Event |
Dave Lewis, Global Advisory CISO, Duo Security
Topic: Trust And Bonfire Of The Profanities
Abstract: To be updated soon!
Bio: Dave Lewis has over two decades of industry experience. He has extensive experience in IT security operations and management. Lewis is an Advisory CISO - Global for Duo Security. He is the founder of the security site Liquidmatrix Security Digest and cohost of the Liquidmatrix podcast. Lewis serves on the advisory boards for Cortex Insight and Dateva Inc. Lewis writes columns for Forbes, Daily Swig, CSO Online & Dark Reading.
Carmel Sommers
Topic: Technology Ireland ICT Skillnet
Bio: Over a thirty-year career at IBM, Carmel held a number of local and global roles in research & development, consulting services and operations. Having qualified as an Organisational Psychologist she held the position of Talent Manager for IBM's Ireland Lab, and set-up IBM’s first European Technology for Good team within IBM’s Corporate Social Responsibility division in 2018. As an advocate for in lifelong learning and shaping the future work, Carmel sits on the Steering Group of Technology Ireland ICT Skillnet, and chairs its Cyber Security Skills Initiative (CSI) Advisory Board. In addition, Carmel is a board member of Cyber Ireland.
Jenny Radcliffe, The People Hacker, Founder & Director of Social Engineering, Human Factor Security
Topic: A Social Engineers guide to Deception - understanding how humans lie.
In this talk we look at the way deception can manifest in the verbal and non-verbal behaviours of humans. We look at why humans are so bad at detecting lies, why technology might be the answer here, and why understanding the brain and how it signals deception can be so useful in a variety of security situations, from insider threat to social engineering
Bio: Jenny Radcliffe has spent a lifetime performing physical infiltration, social engineering and security investigations. She specializes in various aspects of human manipulation including deception work, non-verbal communications, influence and persuasion techniques.
She is the founder and Director of Social Engineering at Human Factor Security, is a regular global keynote speaker and is the host of award winning podcasts, vlogs and blogs on all aspects of the human element of security. Jenny can usually be found behind a mic or on top of a roof somewhere in the world.
Dan Raywood, Deputy Editor, Information Security Magazine
Topic: State of Cybersecurity Report - Extended Play
Abstract: Last year Infosecurity Magazine conducted industry research to determine the driving trends in cybersecurity. "Sure there are lots of reports" you may ask, "so why should I be interested in this one?" How many reports are ultimately vendor-sponsored, pushing the problem that their product or service resolves? With this research, we independently interviewed some of the main names in cybersecurity, and in 2019, we did this again with a larger sample set, and precedent to compare against. In this talk, 'State of Cybersecurity Report' author, and Infosecurity Magazine deputy editor Dan Raywood will look at the findings from this report, get an understanding of what this industry's researchers, CEOs, practitioners and analysts actually think is driving cybersecurity now, and also feature new research specifically looking at career opportunities in these trends, with original survey data from new people entering the industry on how these findings affect their choices. Learning Points: *How compliance was the leading driver in 2018, and how it stands post GDPR deadline *How much the human factor is a driver *What the business can do to be more secure, and embrace security *Where the opportunities are for jobs, both for new people and those seeking a career change
Bio: .
Emma Heffernan
Topic: Are Humans a Vulnerability?
Abstract: Social Engineering - the term used for the gathering of sensitive information. As the world digitalizes more and more, the need for securing data is hugely important. However within every company there’s a vulnerability, mostly known as a Human. In this talk, I’d present the types of social engineering attacks, what could happen to an individual who’s been affected by it and what are the means of preventing it. Including examples of why a human is a vulnerability to a company.
I’m very passionate about this topic as social engineering tends to come naturally to me, yet I had almost fallen to be a victim!
Bio: Emma Heffernan, currently a 3rd year student at Technological University Dublin & Part-time Security Analyst in Dublin. Strong passion for all things Maths, Social Engineering & Capture the Flags
Mick Moran, Garda Liaison officer in France, An Garda Síochána
Topic: They're all wan&*ers - a look at the role of masturbation in online offending - NSFW
Abstract: Mick will explore some of the offences and offenders linked to the wholesome world of online sex and sexuality and finish with suggestions about how infosec professionals have a role to play.
Bio: Mick Moran is a member of An Garda Síochána attached to the L and P section of Garda HQ. He is assigned to work as a Garda Liaison officer in France. He is based in Paris. Although this might sound like a nice job he is at an age where croissants are just large blobs of cholesterol.
Prior to this he worked at INTERPOL. This too might sound like a nice job but he never got to business class grade and has traveled the world down the back with the chickens. This might be good for chickens but Mick is 6'2". While there he led the Vulnerable communities sub-directorate that dealt with Human Trafficking, Online Child Exploitation and People Smuggling. While this does not sound like a plum job it was an absolute privilege to work with some of the most passionate, dedicated and committed people on the planet - selflessly making a difference in peoples lives every minute of every day.
He is a teacher of all things online child at UCD on the forensic computing masters and is a member of the board of cybersafe Ireland. Want to make a difference? Join cybersafe as a trainer and teach kids about being safe online......https://cybersafeireland.org/
If you want to know more he is known to like pints and people who buy them or follow him @mickmoran on twitter
Alex Hutton
Topic: THE FUTURE IS PURPLE - What Simon Wardley, Brad Pitt, MITRE ATT&CK, and Purple Teaming can teach us about the next 10 years of Information Security.
About 10 years ago, Alex Hutton and Allison Miller suggested to audiences that the future of security included lots and lots of data and fraud-like approaches to security analytics. We apologize. In this talk, Alex will ask us to look around at what we're doing now, where it's going, what the future might look like, and most importantly, what you can do today to position your security program for success.
Hint: it's probably Evidence-Based, filled with Game Theory and very, very purple.
Bio: Alex Hutton is the technology executive over the Application Defense and Cybersecurity Analytics teams in Bank of America’s Cybersecurity Defense function. Prior to this position, his responsibilities included Emerging Threat Analytics and Disruption, Cyber Threat Intelligence, and Security Data Services/Data Science.
Formerly, Hutton was a Security Leader and Director of Operational Risk at Zions Bancorporation.
Past contributions to the industry have included creating an international standard for the Factor Analysis of Information Risk (FAIR) risk model, founding member of the Society of Information Risk Analysts, and during his tenure at Verizon, he was a key contributor to the Verizon Data Breach Investigations Report (DBIR) and the creation of the open VERIS ontology for incident classification.
When he had more time and a much smaller family, he was an avid security blogger, podcaster, speaker and conference organizer.
Topic: Patches will fail us. The future of IT defence.
Abstract: Everyone knows you have to patch, and preferably - have automatic patches enabled for yourself and your users. Not everyone talks about the inherent risk of state-sponsored attacks that inevitably come with automatic patching. Maybe it's time to lay-off the patch mania? ...
Oh, but wouldn't security suffer?
In the second part of the presentation author explores the current maturity of zero-day market(s) and argues that high-stake targets are better left un(auto)patched, instead proposing an in-depth monitoring of all - primarily network - interfaces for signs of exploitation.
Bio: Kirils Solovjovs is Lead Researcher at Possible Security, bug bounty hunter, IT policy activist, and the most visible white-hat hacker in Latvia having discovered and responsibly disclosed or reported multiple security vulnerabilities in information systems of both national and international significance.
Kirils has developed the jailbreak tool for Mikrotik RouterOS. He has extensive experience in social engineering, penetration testing, network flow analysis, reverse engineering, and the legal dimension.
He has spoken at many amazing conferences including SHA2017, 35C3, CONFidence, Hack In The Box, Hack in Paris, Hackfest, Nullcon, BalCCon, TyphoonCon.
Raj Samani, Chief Scientist, McAfee
Topic: A step-by-step guide to cooking crab!
Abstract: What does the GandCRAB ransomware teach us about the evolving threat and what can we take from their innovations to better protect our organizations from this rapidly evolving threat vector. Take a deep dive into the shadowy world of the affiliate structure and measures that you can use to protect your infrastructure against new entry vectors!
Bio: Raj Samani is a computer security expert working as the Chief Scientist, and McAfee Fellow for cybersecurity firm McAfee. Raj has assisted multiple law enforcement agencies in cybercrime cases, and is special advisor to the European Cybercrime Centre (EC3) in The Hague.
Raj has been recognized for his contribution to the computer security industry through numerous awards, including the Infosecurity Europe hall of Fame, Peter Szor award, Intel Achievement Award, among others.
Raj is also the co-author of the book 'Applied Cyber Security and the Smart Grid', CSA Guide to Cloud computing, as well as technical editor for numerous other publications.
He can be found on twitter @Raj_Samani
Graham Cluley
Topic: Not all Cyber Criminals are Evil Geniuses"
Abstract: The media loves to present hackers as evil geniuses, but that's often not the case. They may not be smart, and they may not be bad. Sometimes they may even be neither! The truth is that good people sometimes do bad things. And bad people sometimes do very dumb things. Computer security veteran Graham Cluley will take you on a journey through some of dumb mistakes that malicious hackers have made which made it easy for them to be identified - the goofs, the screw-ups, and the basic failings which led to the authorities knocking on their door.
Bio: Graham Cluley is an award-winning security blogger, researcher, podcaster, and public speaker. He has been a well-known figure in the computer security industry since the early 1990s when he worked as a programmer, writing the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows.
Since then he has been employed in senior roles by companies such as Sophos and McAfee.
Graham Cluley has given talks about computer security for some of the world's largest companies, worked with law enforcement agencies on investigations into hacking groups, and regularly appears on TV and radio explaining computer security threats.
Graham Cluley was inducted into the InfoSecurity Europe Hall of Fame in 2011.
Graham's talks make this topic fun, entertaining and interesting, without involving too much techno jargo, to make this sometimes complicated subject accessible to a wider audience
Jelena Milosevic,
Bio: Paediatrician and ICU nurse, Nijmegen Area, Netherlands
Topic: To be updated soon!
Abstract: To be updated soon!
Bio: Jelena Milosevic is a paediatrician and ICU nurse with a lot of experience, having worked at many different hospitals in the Netherlands since 1995, and before that having spent 10 years working in the ICU at the University Children's Hospital in Belgrade.
Over the past three years Jelena has been active in the infosec community and has been applying her infosec knowledge to the healthcare world in order to help improve security for both patients and medical staff. Jelena is a member of the I Am The Cavalry group and a part of the Women in Cyber network.n, entertaining and interesting, without involving too much techno jargo, to make this sometimes complicated subject accessible to a wider audience
Thanks to the generosity of our sponsors IRISS is able to host this event. The following organisations kindly lent their support to our conference.
