Októberráðstefna CERT-IS 2020
Októberráðstefna CERT-IS 2020
Októberráðstefnan 2020 var haldin 19. og 21. október 2020.
Hlekki á upptökur er að finna hér fyrir neðan.
Mánudagur 19.10.2020 –Áskoranir CERT sveita
13:00 Setning ráðstefnunnar
Fundastjóri er Þorleifur Jónasson forstöðumaður, tæknideildar Póst- og fjarskiptastofnunar.
13:05 CERT-IS – Nýjar áherslur og áskoranir í kjölfar innleiðingar NIS, (PDF)
Lýsing: 1. september sl. gengu í gildi ákvæði laga 78/2019 um öryggi net- og upplýsingakerfa mikilvægra innviða. Í þeim lögum er skilgreint hlutverk CSIRT (Computer Security Incident Response Team) og gegnir CERT-IS því hlutverki hérlendis. Í fyrirlestrinum verður fjallað í stuttu máli um þær áskoranir sem þetta nýja hlutverk hefur í för með sér hjá CERT-IS og þau áform um eflingu og uppbyggingu sem ætlað er að koma til móts við það
Fyrirlesarar: Kristján Valur Jónsson, fagstjóri CERT-IS, netöryggissveitar PFS, og Unnur Kristín Sveinbjarnardóttir, fagstjóri öryggis fjarskiptaneta hjá PFS.
Kristján Valur er rafmagnsverkfræðingur og tölvunarfræðingur að mennt. Hann lauk doktorsprófi í tölvunarfræði með áherslu á upplýsingaöryggi frá KTH og HR árið 2012. Kristján hefur starfað við hugbúnaðargerð og verkefni tengd kerfishönnun um árabil, en unnið hjá CERT-IS sem netöryggissérfræðingur frá 2015, nú síðastliðið ár sem fagstjóri.
Unnur Kristín er lögfræðingur og fagstjóri samhæfingar net- og upplýsingaöryggis hjá Póst- og fjarskiptastofnun. Hún hefur starfað innan þess opinbera í þrettán ár. Fyrst hjá Alþingi Íslendinga og hjá forsætisráðuneytinu en sl. níu ár hjá Póst- og fjarskiptastofnun. Unnur Kristín hefur lokið B.Sc. gráðu í viðskiptalögfræði, meistaragráðu í lögfræði ásamt LLM gráðu í Evrópurétti og diplómagráðu í fjarskipta- og fjölmiðlarétti.
13:40 KraftCERT - Threat assessment
Lýsing: We take a look at hot vulnerabilities and threats to both critical infrastructure and SMEs, based on incidents and analysis: we look at counter measures.
Fyrirlesari: Margrete Raaum, manager of KraftCERT
Margrete Raaum is manager for KraftCERT, the Norwegian CERT for energy (oil, gas & electric), water & wastewater and industrial control system industry. She has a background from IC design, computer networking, and information security. She has worked on information security since 1998 for the ISP community, in academia for a number of years, as well the Norwegian Security Authority/National CERT (NSM/NorCERT) and at the grid- and transmission system operator (Statnett). She was on the board of directors of FIRST (The Forum for Incident Response and Security Teams) for 8 years, serving as chairman for 2 years.
14:25 The Danish national CSIRT, its tasks and capability
Lýsing: Auglýst síðar
Fyrirlesari: Peter Knøster, head of the Danish CSIRT
Colonel Peter Knøster is head of the Danish CSIRT which was established as part of the Danish Center for Cyber Security in 2018 – Peter Knøster has experience from a wide range of policy and operational aspect of cyber security
15:00 Lok fyrri dags ráðstefnunnar
* Opinber upptaka af fyrirlestri frá dönsku netöryggissveitinni CFCS er ekki heimiluð.
Miðvikudagur 21.10.2020 –Netöryggi - Tæki, tól og þjónusta
13:00 Opnun seinni dags ráðstefnunnar
Fundastjóri er Þorleifur Jónasson, forstöðumaður tæknideildar Póst- og fjarskiptastofnunar.
13:05 StoredSafe - 17 years of IT Audits in the US - difference between EU and US
Lýsing: XPD has together with Emineregroup, performed numerous IT-security audits since 2003 in the US, utilising a combination of IT Governance and technical IT-security audit, to give the customers a longer lasting security posture. The presentation will walk thru this fairly unique type of audit and as-well discuss some of the peculiarities we have found during our audits and point out some major differences between US and Europe in term of organisational and technical challenges.
Fyrirlesari: Fredrik Söderblom, CEO and founder of StoredSafe
Fredrik Soderblom (CISA, CISM) is the CEO and founder of StoredSafe (2011), developing products that meet any regulatory requirement when it comes to securely storing and sharing of information. CEO and Founder of XPD (2003), an expert IT- and Information security company. Fredrik has been working in the IT industry for more than 25 years, and has been involved with the Internet and security since 1992, when he designed and implemented the first firewall for Hewlett Packard in northern Europe. He has designed and implemented various network perimeter security solutions in Europe and the United States, as well as performed numerous security audits.
14:00 SANS - How to Develop Key Performance Indicators for Security
Lýsing: As a result of high-profile data breaches executives and boards of directors are increasingly interested in their organization’s risk posture. Unfortunately, many security teams are providing more uncertainty than quantitative metrics that can be used for informed decision making. Security teams must be able to provide actionable data to help these leaders better understand their risk posture. But resources are limited, and security teams must be able to prioritize defence over constant reporting. Therefore, any metrics that are reported must be gathered in an automated way that does not require constant staff interventions.
In this presentation, attendees will learn practical steps to creating meaningful key performance indicators that can be communicated to leadership to facilitate helping the organization to meet their goals. Specifically, to help solve this problem the Centre for Internet Security, has developed metrics to practically measure an organization’s risk posture. These metrics are actionable and can be automated using technical security sensors. In this presentation attendees will discover techniques for implementing automated tools for gathering metrics and methods for synthesizing these metrics into actionable metrics that executive leaders can understand.
Many organizations, including the US Department of State and US Department of Homeland Security, have begun presenting models for organizations to follow when creating specific information assurance metrics programs. Using the Critical Security Controls as a foundation, this presentation will show participants specific steps to take and metrics to use to begin or enhance their assurance dashboards.
Fyrirlesari: James Tarala, consultant with Enclave Security
James Tarala is a principal consultant with Enclave Security based out of Venice, Florida, and a SANS Senior Instructor. As a consultant, he has spent the past several years designing large enterprise security and infrastructure architectures, helping organizations to perform security assessments, and communicating enterprise risk to senior leadership teams. He is the author and an instructor for SEC566: Implementing and Auditing the Critical Security Controls, SEC440: Critical Security Controls: Planning, Implementing, and Auditing, and a co-author and instructor for MGT415: A Practical Introduction to Cyber Security Risk Management.
14:55 Mnemonic - When S*** hits the fan
Lýsing: Morten shares his personal experiences with incident response and gives insight on how organizations can be prepared for security incidents.
Fyrirlesari: Morten Weea, member of the mnemonic threat intelligence team, and Robby Peralta.
Morten is a member of the mnemonic threat intelligence team and has extensive experience as an “incident handler”. He is also a PhD candidate, researching decision making in incident response.
Robby Peralta has spent the past 5 years focusing on security monitoring technology and services, and has worked with companies across the Nordics to establish and improve their capabilities. He is also the host of the mnemonic security podcast, and is responsible for mnemonics operations in Iceland.
15:45 BitSight – Managing, communicating and increasing the cyber resiliency of the Critical National Infrastructure of a Country
Lýsing: In this presentation we’ll share with the audience how Iceland is performing in the Cybersecurity and how we are helping organizations like Ministries, National Cybersecurity Centers, National Certs and Telecom Regulators in the following areas:
1. Increasing the Cyber Resiliency of the Country and their Constituents
2. Managing the National Digital Footprint
3. Measuring the Cybersecurity Performance
4. Communicate Cybersecurity Performance
Fyrirlesari: Francisco Fonseca, VP National Cybersecurity at BitSight
Francisco Fonseca is currently VP of National Cybersecurity at BitSight. From 2014 to 2019 he was responsible for BitSight in Portugal, Spain and Brazil. Co-founded the cybersecurity company AnubisNetworks in 2006 and has served as Chief Executive Officer from 2006 to 2019. AnubisNetworks was acquired by BitSight in 2014. Prior to AnubisNetworks, he founded Crashless, a managed services provider specializing in complex Microsoft-based services, which was acquired by Claranet in 2008. Before 2008 worked in the telecommunications industry (Vodafone), implementing and managing email platforms for corporate and ISP environments. Francisco was Vice President of the National Association of Young Business People (ANJE). Taught at Moderna and Nova Universities. Francisco attended the “Advanced Program in Entrepreneurship and Innovation Management” from Católica Lisbon and the Advanced Management Program from the Kellogg School of Management and Católica. He holds a degree in Management and Computer Science from Minho University.