IT drošības konference „Kiberšahs 2016". Runātāji.
Opening remarks (EN)
Mr. Bergmanis is the Minister of Defence of the Republic of Latvia since July 2015. He was appointed to this post after the former minister Raimonds Vējonis became the President of the Republic of Latvia. Before taking up this post Mr. Bergmanis was a Member of the 12th Saeima (the Parliament of Latvia) and actively worked as a Deputy-Chairman in the Defence, Interior Affairs and Corruption Prevention Committee.
Before being elected as a Member of Parliament he was involved with various defence sector institutions, such as Recruitment and Youth Guard Centre, Ministry of Defence and National Armed Forces. Mr. Bergmanis has been working in the defence sector since 2001. He has obtained a master’s degree from the Riga Technical University in 1991 and a master’s degree from the Latvian Academy of Sports Education in 1998. In addition to his career in defence sector Mr. Bergmanis has been a professional athlete and Vice President of the Latvian Olympic Committee.
Opening remarks (EN)
Baiba Kaskina is the general manager of CERT.LV (Latvian National and governmental CSIRT) managing all activities including incident response, awareness raising and liaison with the constituencies.
She has been leading CSIRT teams since 2006 and used to work for TERENA (Netherlands) managing large scale projects, she also have been on the FIRST annual conference programme committee and is currently the chair of TF-CSIRT - European CSIRT community.
"Quantum technologies and their impact on cyber security" (EN)
Quantum technologies (such as quantum computers and quantum communication devices) are expected to have an important impact on cryptography and security. If quantum computers are built, they will make the existing public key cryptosystems (such as RSA) insecure. On the other hand, quantum communication devices promise unconditionally secure communication based on quantum mechanics. In both cases, we are seeing a steady progress towards building actual quantum devices, with experiments on increasingly larger scale quantum computers and quantum communication through satellites.
In this talk, Andris will describe the current state-of-the-art in quantum computing and quantum communication, covering the following topics:
- the theoretical capabilities of quantum technologies;
- the experimental work on building quantum devices;
- the future perspectives about quantum technologies becoming practical and being deployed;
- the impact of this on cybersecurity.
Andris Ambainis studies the question: "What can we do with a quantum computer, if we build one?" He is widely recognized as one of the leading experts on quantum algorithms/software for quantum computers. Andris Ambainis holds a Ph.D. from University of California, Berkeley (2001) and is currently a Professor at University of Latvia (since 2009). He is a winner of the Grand Medal of Latvian Academy of Sciences (the highest Latvian award for excellence in research) and is a holder of an Advanced Grant from European Research Council, the organization that supports the best European researchers.
"Secure and Enable Digital Transformation – Risk and Value Considerations in the 3rd platform"
3rd platform technologies allowed people and enterprises to take advantage of many innovation accelerators that are enabling a global (R)evolution. Business leaders are challenged to move their enterprises to the next level of digital business transformation: coupling digital technologies with organizational, operational, and business model innovation to create new ways of operating and growing businesses. But with great power comes great responsibility! Balancing threats and opportunities of Digital transformation is critical as well understanding a holistic approach to consider the main five dimensions of Digital Transformation maturity: Lidership; Omi-esperience; Information; Operating model; and Worksource.
#DigitalTransformation #DigitalMaturity #DigitalRisks #CyberSecurity #DigitalPredictions
Bruno Horta Soares is a Senior Advisor with more than 15 years in professional services experience, particularly in areas related with Digital Transformation and GRC. Started his career at Deloitte Consulting, worked for KPMG and Deloitte Portugal and in 2012 he founded GOVaaS - Governance Advisors as-a-service, where he is currently Senior Advisor. Currently actively collaborates with an ecosystem of partners in Portugal, Angola, Brazil and Mozambique, particularly IDC Portugal where since 2015 he is IT Executive Senior Advisor for Digital Transformation, IT Strategy, Governance and Security. He has a 5 years degree in Management and Computer Science, and a post-degree in Project Management. He is certified PMP; CISA; CGEIT; and CRISC. He’s advisor and visiting professor at different universities in Portugal, Angola and Brasil. He’s the founding President of the ISACA Lisbon Chapter, member of several professional associations and speaker at various conferences and seminars.
Egons Bušs has 25 years of experience in the field of information security, cyber security and information technology. Egons started his career back in 1980s on mainframe computers. His further work experience continued at the Bank of Latvia, first, as a Network and Systems Administrator, and the first bank’s Webmaster, up to the Deputy Head of Information Systems Department. Egons was assigned Project Manager for two security projects at the European Central Bank in Frankfurt am Main, Germany. From 2008 to 2016 Egons worked as an IT Director at ELKO Group, which is a large IT distributor in 10 Eastern and Central European countries. In 2016 Egons joined Latvian Mobile Telephone as a Security Director. Egons holds CGEIT (Certified in the Governance of Enterprise IT) Certificate. Egons serves on ISACA Latvia Chapter Board as Immediate Past President and Executive Vice President.
“The rise of Ransomware”
Pirmais izspiedējvīruss radās 1989.gadā. 27 gadus vēlāk izspiedējvīrusi un to izmantošana ir kļuvusi par ienesīgu nodarbi organizētiem grupējumiem. Prezentācijas mērķis ir sniegt ieskatu tajā kā darbojas izspiedējvīrusi, kā no tiem izvairīties un ko darīt gadījumos ja tomēr esam inficējušies.
Mārtiņš Saulītis kopš 2014.gada ir drošības konsultants startptautiskajā IBM X-Force Incident Respone Services komandā un nodarbojas ar incidentu izmeklēšanu, datu nesēju analīzi, klientu izglītošanu un konsultēšanu. Pirms pievienoties IBM Mārtiņš 5 gadus strādāja Latvijas tiesībsargājošā institūcijā un nodarbojās ar datu nesēju analīzi, kā arī atbalsta sniegšanu izmeklētājiem pirmstiesas izmeklēšnas procesā.
Sokratis K. Katsikas, Center for Cyber and Information Security, Norwegian University of Science and Technology
"Perspectives on research and development in cyber security in Europe and beyond" (EN)
The rapidly increasing number of digital personal devices and the increasing connectivity, as well as emerging technologies and application areas such as the Internet of Things increases our dependence on ICT. On the other hand, new cyber threats and vulnerabilities appear, with increased impact on critical infrastructures and societal functions. This landscape bears significant risks not only to the economy and the society, but also to the national digital sovereignty and autonomy. Additionally, at the EU level there is a need to support the vision of the Digital Signal Market and to develop the European cybersecurity market and industry. In response to these needs, the European industry have submitted their view that describes objectives to be pursued, as well as cybersecurity priority technical areas for action. The European research community have also come up with a strategic research agenda describing cybersecurity research priority areas. On the other side of the Atlantic, the US federal government has made public a cybersecurity research and development strategic plan, describing cybersecurity R&D strategic priorities. In this talk, the above agendas will be discussed with an eye towards identifying prospective cybersecurity research and innovation areas.
Sokratis K. Katsikas is a Professor with the Center for Cyber and Information Security, Norwegian University of Science and Technology, Norway, and a Professor with the Dept. of Digital Systems of the University of Piraeus, Greece. His research interests lie in the area of information and communication systems security. He has authored or co-authored more than 230 journal publications, book chapters and conference proceedings publications and he has participated in more than 60 funded national and international R&D projects in these areas. He is serving on the editorial board of several scientific journals, he has authored/edited 26 books and has served on/chaired the technical programme committee of more than 400 international scientific conferences.
"Layer Cake - Hunting Malware & Sharing IOCs like a boss" (EN)
Varis Teivāns works in the field of cyber security since 2006. He has played a major role in development of the IT security infrastructure and a recovery plan for the Latvian presidency of the EU. Varis has participated in planning, technical setup, and scenario development of several hackfests, run technical workshops on IT security issues at the university as well as at the CERT.LV organized events. Currently Varis is leading CERT.LV’s technical incident response team.
"Breaking operating system kernel IPv6 protocol stack" (EN)
IPv6 specification was introduced in 1998, however, actual widespread implementations have been done only in the past decade. Modern operating systems support IPv6 already and it is enabled by default. In most cases, IPv6 support in the protocol stack is introduced based upon IPv4 implementations, in parallel or using a layer of abstraction. This potentially could introduce security risks in how IPv6-based traffic is being processed by the kernel. A successful attack against a flawed IPv6 implementation potentially could allow denial-of-service, information disclosure, or full OS compromise, In this presentation we will explore the IPv6 implementation in GNU/Linux kernel protocol stack and related security concerns.
Bernhards Blumbergs is a team member of the Information Technology Security Incident Response Institution of the Republic of Latvia (CERT.LV) and a Researcher at NATO Cooperative Cyber Defence Centre of Excellence, Technology branch. He is a certified exploit researcher and advanced penetration tester (GXPN), and Industrial Cyber Security Professional (GICSP). He has a strong military background, targeted at developing, administering and securing wide area information systems.
B.Blumbergs is also a Cyber Security PhD student at Tallinn Technical University, with his research focusing on methods for network security mechanism evasions and exploit condition analysis.
"Network traffic surveillance – effective means to analyse network security incidents" (EN)
To ensure cybersecurity is a tricky and hard business. Today we have a large variety of available network protection and monitoring tools at our service. But what are our options when network protection we have so painstakingly built is breached? In many cases, all we or experts we summon to help resolve the situation at hand have is log files and evidence of an attack in systems itself.
Obviously, we can do nothing about the attack that was successful, but by deploying the right tools, we can have the full record of the attack as it happened. That solution is Network Traffic Surveillance System or NTSS for short. NTSS is like CCTV for your data network. It is not preventing crime, but records who and when did exactly what. It is achieved by recording ALL of the traffic going through your network. Traffic is captured at the packet level and later reconstructed into meaningful data objects, like web pages, files etc. and indexed for full-text search in all of the data gathered. And best of all – attacker never notices its actions are being recorded as NTSS is “invisible” to the rest of the network.
Raitis Misa professional experience spans from an editor of the magazine and manager at the computer literacy training centre to Development director of State Information Network Agency and head of IT department of Enterprise Register of the Republic of Latvia.
Currently, in cooperation with Ugunssina IT, my interest focuses on network security solutions.
My hobbies are to follow the progress space exploration, photography including astrophotography and contributing to the technology portal http://zparks.lv/ .
"Privacy by design on Internet of Everything" (EN)
Marc Vael is currently the Chief Audit Executive at Smals, a Belgian not-for-profit IT company with 1.800 employees implementing IT solutions for Belgian Federal Social Security Institutions. He has +20 years active experience in evaluating, designing, implementing and monitoring solutions on risk and information security management, BCM/DRP, data protection/privacy and IT Audit. Marc is also president of ISACA Belgium Chapter, deputy member of the Flemish Privacy Commission, member of the audit committee at HoGent, board member of SAI and member of the Permanent Stakeholder Group of ENISA. Marc is a passionate speaker teaching as guest professor at Antwerp Management School, Solvay Brussels School, HOWEST and BA School of Business and Finance. Marc is certified in IT audit (CISA), information security (CISM/CISSP), IT risk management (CRISC), IT governance (CGEIT/ITIL service manager) and certified director (GUBERNA).
"Kā padarīt privātumu un kiberdrošību par vēlamo pakalpojumu?" (LV)
Datu nozaudēšanu un nelabvēlīgu izmantošanu mērogs aug. Kā rezultāts, ir novērojamas divas pretējas tendences: par datu aizsardzību sāk nopietnāk rūpēties un datu aizsardzībai vairs nepievērš uzmanību, jo datu apjoms digitālajā vidē strauji palielinās, dati vairs nav privāts bet publisks aktīvs, pilnīgi tos kontrolēt nav iespējams, bet no datu izmantošanas digitālajā vidē atteikties nav iespējams. Likumdevēji pieņem aizvien jaunus datu aizsardzības aktus, kuriem ir spēks uz papīra, bet ne realitātē. No šīs situācijas cieš visas iesaistītas puses, jo nav skaidrs, vai vispār ir jēga privātuma un datu aizsardzībā. Katram uzņēmumam un valstij ir savas metodes, veiksmes un kļūdu piemēri privātuma un kiberdrošības attīstībā. Šī prezentācija apkopo esošo praksi un parāda, vai ir jēga sapņot par drošības utopiju, un kā padarīt to par tuvāku.
Anna ir juriste, kura nodarbojas ar datu aizsardzību un kiberdrošību, un ir ISACA locekle. Annai ir izglītība juridiskajā un datu aizsardzība jomā: LL.M grāds, kiberdrošības sertifikāts, personas datu aizsardzības speciālista kursu diploms, kā arī papildus profesionālā izglītība. Anna bija prakses un sadarbības pieredze ne tikai Latvijā, bet arī ārvalstīs: Eiropas Cilvēktiesību tiesā un dažādās Čikāgas universitātēs, tostarp saistībā ar datu aizsardzību. Konferences dalībniece vada izglītojošus pasākumus datu aizsardzībā: seminārus speciālistiem, kā arī datu aizsardzības juridisku un tehnisku kursu Rīgas Juridiskajā augstskolā. Papildus autorei ir vairākas publikācijas, tostarp par datu aizsardzību.
"Beyond Security Indexes" (LV)
Cybersecurity affects all of us. Internet users have changed their behaviour in a number of ways because of security concerns. Euro barometer estimated that, worldwide, more than one million people become victims of cybercrime every day. Cyberthreats have the power to drive up costs and affect revenue for companies, making those threats similar to any other financial risks. What organizations need are practical tools to mitigate these threats. Once we understand the cyber ecosystem elements and relationships, it is possible to increase cybersecurity readiness and improve relevant capabilities. However, it is important to note that maturity level of organisation matters and should be taken into consideration within the following categories: legal, technical, organizational measures, capacity building and cooperation. As a result, it is possible to construct effective metrics for business purpose. The analysis derives characteristics from the scientific studies, highlighting most adequate indicators for constructing cybersecurity index for small and medium-sized enterprises (SMES).
Sintija Deruma, CISM is the president of ISACA Latvia Chapter. She is an industry recognized executive with strong business acumen and over 10 years of information security experience. She is completely inspired by the challenge of creating and growing Information Security practices and programs within large organizations, which fits nicely with her passion for managing and developing people.
Sintija has also served as a voluntary expert at Latvian Information and communications technology association (LIKTA). This allowed her to take part in the law development processes in such areas as Critical Infrastructure Protection, National Cyber Security Strategy and The Global Cybersecurity Index (GCI) survey, which measures each nation's level of cyberwellness. Sintija is one of the founders and a member of Latvian information security experts group [DEG] formed in 2012.
Besides that, Sintija is also directly responsible for the management of master degree programme (MBA in Cybersecurity Management) and provides young scientists with the opportunity to conduct research in the newly established cybersecurity research laboratory at BA School of Business and Finance.
Banku augstskolas profesionālās maģistra studiju programmas "Kiberdrošības pārvaldība" studenti un pasniedzēji:
"Publisko bezvadu tīklu radītie riski mobilajām ierīcēm" (LV) - Kaspars Rezgalis, Banku augstskolas maģistra studiju programmas "Kiberdrošības pārvaldība" students;
"Drošības kultūras veiksmes faktori" (LV) - Andis Pilāns, Banku augstskolas maģistra studiju programmas "Kiberdrošības pārvaldība" students;
"Alignment of ICT with business strategy: latest trends and tools" (EN) - Prof., Dr. oec. Tatjana Volkova, Banku augstskola
Digital environments are subject to escalating cyber-attacks. There is a need for integrated approach to company strategic management and alignment of ICT function with business strategy in order to build cyber resilient company. ICT has become a one of the key business functions for almost every organization and stakeholders have big expectations from growing investments to deliver benefits to business. The report will focus on how IT can be positioned within company to support the achievement of company goals and fulfilment of its mission. The report will explain the latest approaches and tools in cybersecurity governance and the changing role of ICT management, its relation with business generic strategies ensuring sustainable organization.
Kārlis Broders, SIA AA Projekts, Business Analyst, Project Manager
"Improving Application development by Leveraging use of ALM software in Government-Funded IT projects" (EN)
In order to achieve project success criteria it is important to fulfil project time, cost and quality objectives and to create a solution that satisfies the project business requirements and the project owner. However the current approach for software life cycle management often does not provide a convenient control of the project vital criteria thus creating a risk of deviating from the stated objectives. A novel approach for requirements management moves from document-centric to item-based methodology using one application where to keep all the vital project information. The goal is to study the concept of Application Lifecycle Management (ALM) and gather and analyze first experiences when a state-funded IT system is moving towards distributed application lifecycle management. First experiences show that using Jama Software to manage artifacts produced in different stages of the project lifecycle helps keeping all activities synchronized and traceable. The challenge resides in how to generate efficient company-specific implementations of ALM for complicated real-life situations. Change request control and IT system maintenance often passes through the same stages a newly developed IT product therefore the main research question emerges: "How can the implementation of ALM software in government-funded IT projects benefit the management of the existing and future government IT Systems?"
Janis Vavere is holding two Master of Science degrees from two world-class universities University of Amsterdam and VU University Amsterdam. Janis has extensive experience in academic research of managerial issues that has been gained while working in Amsterdam, Leiden, Riga and Sydney. The latest study was done in University of New South Wales (UNSW) and The Health-Science Alliance in Sydney where he was researching the development of an upcoming Advanced Academic Health Science Center.
"Insurance as a vital part of cyber risk management" (EN)
As the world becomes ever more connected and technologically advanced, businesses are finding it easier to trade worldwide. However, we pay the price by being exposed to a greater variety and frequency of cyber risks. This means that any business with a presence online, a reliance on a network or system, or with a database of sensitive information needs to proactively manage their cyber risk. The exponential growth of both personal and commercial users is further increasing the number of avenues through which cyber-attacks can be launched, which is why cyber risk is now treated as a high priority on boardroom agendas. In this presentation, I will go over the evolution of cyber risks, the steps taken to manage them, and how insurance is playing an increasingly important part of companies’ overall risk management programme; protecting them from the inevitable.
David leads the European technology and cyber team at Lloyd’s broker, Safeonline LLP – the largest, specialised technology and cyber insurance broker in the London market. He is experienced in placing highly technical insurance policies for European companies from a variety of industries; technology and telecoms, to legal, financial and manufacturing. David is working on a number of projects to help European companies and insurers with their insurance and risk management requirements in the run up to the implementation of the EU-wide General Data Protection Regulation, which becomes effective on the 25th May 2018.
Lauris has been in insurance business for over 11 years, and now is responsible for International Business Development in Baltic leading broker company IIZI Brokers. One of his key focus areas is Technology PI and Cyber insurance, as these products are not common in local market and have to be placed internationally. Lauris has been cooperating with insurers and brokers abroad since 2013, including Safeonline, IIZI’s preferred Tech PI and Cyber insurance provider, helping and explaining to Latvian companies how to protect their financial assets and strengthen their competitive advantage with Tech PI and Cyber insurance solutions.
Prezentācijas laikā varēs uzzināt par implantējamo sirds defibrilatoru pārraidīto datu pārtveršanas veidiem un viena ražotāja datu pārraides sistēmas izpēti. To veica ICeeData (Latvijas izcelsmes projekta) dalībnieki ar mērķi pielietot tos datus pacientu dzīvesveida analīzei, lai uz tās pamata palīdzēt pacientam pieņemt lēmumus par savu veselību.
"Responsible disclosure process – vulnerabilities of IP security cameras" (EN)
Internet of Things is becoming ever more popular, and vendors seek to capitalize on that: nowadays the manufacturing process of some security cameras is more alike to that of an Internet of Things device, rather than a security device. This reckless attitude undoubtedly leads to security vulnerabilities in critical systems.
Author researched the firmware of IP security cameras of a specific vendor and found major security vulnerabilities; CVE IDs assigned: CVE-2016-2356,2357,2358,2359,2360. The presence of vulnerabilities in the wild was verified in cooperation with CERT.LV by testing a Latvian public institution with more than 100 products by this vendor.
Given that vendor is located outside EU, the researcher initiated an international responsible disclosure process, working with the vendor, CERT.LV, the public institution, the installer, HackerOne Inc., and CERT/CC.
Presentation covers the technical aspects of vulnerabilities (presented publicly for the first time), lessons learned, and recommendations to security officers and policy makers.
Mg. sc. comp. Kirils Solovjovs is an IT security expert and researcher. His professional experience includes working for NATO CCDCOE as an intern and the Ministry of Defence as a senior expert, where he drafted the Regulation No 442 and was representing Latvia as the National Expert to the European Council on the NIS Directive.
Kirils has an extensive experience in network flow analysis, reverse engineering, social engineering, penetration testing, security incident investigation, and the legal dimension of cyber security and cyber defence. He has a history of contributions aimed at improving security of both Latvian and international information systems.
"Hacking the Hackers: Strategic Analysis in Cyber Defense" (EN)
From Chechnya to Estonia, Ukraine, and the 2016 US Presidential Election, computer hacking has become a strategic weapon in international relations. Soldiers and spies read your email, deface your websites, and hack your critical infrastructure. The line between “cyber war” and traditional war is disappearing fast. However, despite its sharp teeth, the “Advanced Persistent Threat” has an enormous, bureaucratic body that you can dissect and eat, one byte at a time. As a cyber defense researcher, you are the commander of your own corner of cyberspace, with access to more math, science, reason, logic, and creativity than any government. So gird your loins, gather your comrades, and slay the APT.
Kenneth Geers (PhD, CISSP); COMODO Senior Research Scientist, NATO CCD COE Ambassador, Atlantic Council Senior Fellow, Digital Society Institute-Berlin Affiliate, TSN University of Kyiv Visiting Professor. 20 years US Government (US Army, NSA, NCIS, NATO); FireEye Senior Global Threat Analyst. Author “Strategic Cyber Security”, Editor “Cyber War in Perspective”, Editor “The Virtual Battlefield”, Technical Expert “Tallinn Manual”, 20+ articles and chapters on cyber security. Twitter: @KennethGeers.