You are welcome to register via the organizer's website: www.cirosec.de/congressit-sa
The event will open with a presentation on supply chain attacks. Numerous attacks via supply chains from the past will be presented, protective measures and their limits will be discussed, and strategies for securing the supply chain will be recommended.
The partners will then address options for protecting identities and security monitoring, as well as managed SOC services and protecting sensitive content beyond corporate boundaries.
12:30: Welcome with a light snack
13:00: Supply Chain Attacks - Stefan Strobel, cirosec
Not only since the BSI warned against the use of Kaspersky's AV solutions have many companies been concerned about security risks emanating from purchased products or services. The prominent incident at Solarwinds has already put the topic of "supply chain attacks" on the agenda of many organizations. But what constitutes such an attack, what concrete examples have there been in the past and how should one deal with them? In this presentation, Stefan Strobel describes numerous attacks via supply chains from the past, highlighting the special features as well as the different variants of these attacks. In addition, he will present various protective measures as well as their limitations with regard to "supply chain attacks" and recommend strategies for securing the supply chain.
14:45: Continuous monitoring as the key to greater IT security - AMPEG
The key to maximum data security is a permanent 360-degree view of all security areas of the network. Without a continuous, detailed insight into the security structure, so-called "blind spots" are created that offer ideal opportunities to penetrate the network.
15:30: Identity protection - Semperis
Semperis ensures the integrity and availability of critical enterprise directory services every step of the way, protecting identities from cyberattacks, data leakage and operator error. The solution detects vulnerabilities in directories, can defend against ongoing cyberattacks, and significantly reduces the time for any necessary recovery.
16:30: BlueVoyant - Managed SOC Services based on MS Sentinel or Splunk in the Cloud
Many companies use security products from Microsoft as AV solutions, EDR or for AD monitoring. At the same time, there is a growing need to monitor such security systems and to verify and follow up on the alerts they generate. Since the events of the various Microsoft Defenders already reside in the Microsoft cloud, new SOC operating models become possible, where an external service provider no longer needs to operate its own SIEM, but only needs access to the sentinel in the Azure tenant of its customers. BlueVoyant is one of the most successful vendors worldwide in this new space.
17:15: Kiteworks - Compliance and protection of sensitive content across enterprise boundaries.
Kiteworks' platform enables the consolidation, traceability, control and protection of sensitive content exchanged within and across corporate boundaries. For example, emails and attachments can be encrypted and sent in a compliant manner. File sharing protects sensitive content and enforces compliance policies while improving user productivity and collaboration. Secure web forms also allow customers and other external parties to conveniently upload sensitive data.
6:00 p.m.: End of event
IT security officers, administrators, network managers, IT managers, IT security officers, data protection officers and auditors.