9:00
|
Coffee & networking
|
9:40
|
Welcome note
|
|
Ewa Lis-Jezak
Associate Vice President, Poland & Baltics
|
9:50
|
IDC Keynote: Prevent or cure? How AI is changing the security paradigm
|
|
Wiktor Markiewicz
Senior Research Analyst, Poland and Baltics, IDC Poland
|
10:05
|
Debate: From threat map to building digital trust
|
|
Maciej Siciarek
Director of CSIRT Division, NASK
Artur Barankiewicz
Head of Security Business Development, B2B Europe T-Mobile
Ewa Lis-Jezak
Associate Vice President, Poland & Baltics
Alicja Skraburska
Global Cybersecurity Lead, HSBC
gen. dyw. Karol Molenda
Commander of the Cyber Defense Forces
|
10:40
|
Keynote: The 4th dimension of cyber security, or what to watch out for in space
|
|
Digital trust is crucial to the security of every connected thing, from the ocean floor to the vastness of space. Satellites offer valuable services, from communications and the Internet, to satellite navigation and Earth observation systems, to national security. A space-based cyberattack would cause disruption and gigantic losses, not just material ones. During the lecture, I will talk about current security levels, disclosed cases of hacked satellites and the consequences of these attacks, as well as what is currently (not) being done to better secure this critical orbital infrastructure. I will also suggest where to look for knowledge and additional information in this area.
Łukasz Wilczyński
Senior Communication Expert / Founder, Planet Partners
|
10:55
|
NIS II: Tips for CISOs
|
|
For CISOs, it's important to understand the requirements of NIS2 and make sure your company is compliant in a timely manner. In this interview, we explain what NIS2 is and how to prepare for it as a company. We provide some advice for CISOs and those responsible for security at the company.
Agnieszka Wachowska
Attorney at Law, Partner at Traple Konarski Podrecki & Partners
|
11:07
|
Why we are not learning the lessons of Stuxnet
|
|
It is not a particularly difficult task to design a super-secure IT architecture. It's not even an overly expensive challenge. We have enough standards, benchmarks and best practices to be able to deal with the most serious threats. But despite all our knowledge - Iran's nuclear program was sabotaged with a worm carried on a USB drive (ok - a very advanced worm). Are we now better equipped to protect our production processes than Iran was 13 years ago? And is it even possible to implement a secure system in an era of digital transformation? From the perspective of minimizing the attack surface, where is the place for the recently ubiquitous artificial intelligence and where is it just a marketing slogan. And why we should finally stop calling humans the weakest element in a security system.
Marcin Spychała
Technical Advisor, HCL Software
|
11:27
|
Introduction to Connect Tables
|
11:32
12:27
|
Connect Tables (Parallel Sessions)
|
|
Cloud Security (Disaster Recovery, IAM, Data security, Data Governance)
11:32 - 12:27
Cloud Security (Disaster Recovery, IAM, Data security, Data Governance)
It is believed that cloud security is still inherently complicated. There is no one-size-fits-all way to make cyber security simple. What should you keep in mind to use the cloud safely and securely?
Jacek Nawrot
Senior ICT Executive Consultant, IDC Poland
11:32 - 12:27
Data Management
Companies using the cloud must approach data sovereignty analysis holistically. Data sovereignty is not an issue that can be addressed by the chief information officer alone. In practice, CISOs, legal, procurement, risk managers and auditors must also be involved in risk management and data sovereignty processes.
Wiktor Markiewicz
Senior Research Analyst, Poland and Baltics, IDC Poland
Cyber security and cloud have the biggest gaps in hiring specialists. Acquiring such specialists is expensive, and it is difficult to keep them in the company. However, all is not lost. Some steps can be taken beyond trying to hire new employees.
Edyta Kosowska
Senior Research Analyst, Software, IDC Poland
Most organizations are aware of the threat posed by ransomware. The problem is that there is no foolproof way to prevent such attacks. Instead, we must rely on a variety of tools, practices and training methods to ensure that we have a chance of keeping our systems and data secure.
Dominik Rozdziałowski
Director of the Cyber Security Department, MON
Jaroslaw Smulski
Senior Program Manager, Systems & Infrastructure Solutions, IDC Poland
11:32 - 12:27
Generative AI
It has been used to identify threats in the cloud for nearly a decade. Generative AI will be a game changer for cloud security, especially for common pain points such as threat prevention and manual security management for recurring events.
Ewa Zborowska
Senior Research Manager, IDC Poland
|
12:27
|
Coffee break & networking
|
13:12
|
AI versus AI
|
|
Cyber criminals, foreign special services, and other adversaries, unfettered by ethics or the law, create - in often very creative ways - novel and innovative forms and vectors of attacks using AI. Conducting such attacks is generally cheaper and easier than implementing effective preventive tools and methods for defending against and combating threats. Thus, it can be assumed that in the near term, the harmful use and abuse of AI technologies may outweigh the positive and helpful methods based on AI tools in maintaining a high level of security. Are we in a losing position? How should the implementation of technological solutions be planned to level our playing field on this entirely new plane of conflict?
Dr hab. Kacper Gradoń, Ph.D., D.Sc.
Honorary Senior Research Fellow Department of Security and Crime Science University College London
Ewa Zborowska
Senior Research Manager, IDC Poland
|
13:27
|
Every User is a Privileged User
|
|
What do cyber attacks and privileged users have in common?
We live in a world full of privileged accounts and a plethora of access keys, from domain accounts to local Unix passwords, the number of digital identities we need to protect is growing rapidly.
Which account is taken over can decide the difference between a simple network breach and a cyber disaster. That's because once the credentials of a privileged account are taken over, an attacker can impersonate a trusted employee or system and carry out malicious activities without being detected as an intruder. Once attackers breach a privileged account, they can usually roam freely in the IT environment to steal information and wreak havoc. During the session we will discuss:
- Three examples and use cases of privilege-based attacks.
- The best methods currently used to reduce the risk of a privileged account attack.
- How to significantly improve the productivity of IT teams and systems.
- How to provide your IT department, the administrators, with insight into what is happening on your network and when it is happening.
Paul Franka
Regional Sales Manager Eastern Europe, Delinea
|
13:42
|
How are disruptive technologies changing the cybersecurity strategy?
|
|
Technologies, such as IoT, 5G, blockchain, edge computing and AI are changing the cybersecurity landscape and posing significant new challenges for organizations. These new technologies require CISOs to rethink security architectures, challenge old assumptions, rip and replace completely outdated security platforms, and invest in new categories of security.
Krzysztof Szczepański
Dyrektor Departamentu Bezpieczeństwa i Ryzyka, Krajowa Izba Rozliczeniowa SA
Wiktor Markiewicz
Senior Research Analyst, Poland and Baltics, IDC Poland
|
13:52
|
Understand the enemy, know yourself, stop the ransomware!
|
|
Ransomware has evolved from being a side occupation for cybercriminals to targeted big game hunting operations using sophisticated technical means. When ransomware threatens to shut down business operations, one of the most important measures of success is the speed of response and isolation of the problem to the initial attack vector. Together, we will look at the process tree from a ransomware attack, analyze selected details and context of the attack, and finally answer the question of what more can be done to improve the ability to proactively detect malicious activity.
Robert Michalski
Senior Systems Engineer Eastern Europe, CrowdStrike
|
14:07
|
Debata: Skills gap/ Skills strategy
|
|
Edyta Kosowska
Senior Research Analyst, Software, IDC Poland
Marta Barcicka
Independent Expert
Cezary Mączka
Group Chief People & Culture Officer, Grupa Wielton
Tina Sobocińska
Founder & HR Strategic Advisor, HR4future
Beata Jarosz
Co-founder and CEO of Future Collars
|
14:32
|
Unified SASE Platform
|
|
Over the past year, many IT leaders have begun to consider using the Secure Access Service Edge (SASE) platform to enable faster and more secure communications in their organizations. Since the network edge follows the employee, it has become essential to provide a solution that combines networking and security functions into a single, native cloud service that provides access to distributed corporate resources from anywhere. The session will introduce HPE Aruba Networking's answer to these challenges.
Longin Mikołajczyk
Sase Sales Specialist, HPE Aruba Networking
|
14:47
|
The strategic role of the CISO in any organization
|
|
Ewa Zborowska
Senior Research Manager, IDC Poland
Andrzej Bartosiewicz PhD
President CISO #Poland, VP Executive CISO4U
|
15:02
|
Lunch & networking
|
15:50
|
Ransomware Attack. Basic principles of first aid
|
|
Dominik Rozdziałowski
Director of the Cyber Security Department, MON
Wiktor Markiewicz
Senior Research Analyst, Poland and Baltics, IDC Poland
|
16:00
|
Digital Archive in the Cloud: the (R)evolution in content storage
|
|
Ewa Zborowska
Senior Research Manager, IDC Poland
Mateusz Szkudlarek
Senior Director of IT Operations, TVN
Sebastian Szaraniec
Chief Enterprise Architect, TVN Warner Bros. Discovery
|
16:15
|
Think like a criminal - how to build a team capable of confronting attackers and their non-obvious ideas?
|
|
Tomasz Bukowski
Red Teamer/Offensive Security Guy, Standard Chartered Bank
|
16:30
|
Breaking through the resistance: building openness to the cloud in a regulated industry
|
|
Robert Pławiak
CIDO, Polpharma
Ewa Zborowska
Senior Research Manager, IDC Poland
|
16:45
|
Cyber security in times of lack of attentiveness. On the relationship between digital hygiene and vulnerability to cybercrime
|
|
Digital hygiene is the health-protective behavior associated with the use of the Internet and screen devices, and more broadly: information and communication technologies. They pose enormous challenges to our brains, which are evolutionarily unprepared to function freely in a 21st century information society. Therefore, using them in a healthy way is a challenge for everyone, regardless of age. The level of digital hygiene has a huge impact on the cyber security of people of all ages. What kind of impact? Magdalena Bigaj, creator of the Institute for Digital Citizenship and author of the book "Raising by the Screen. How to prepare your child for life online?" (W.A.B. Publishing House)
Magdalena Bigaj
President of the Digital Citizenship Institute Foundation
|
17:05
|
Event summary & closing note
|
|
Ewa Lis-Jezak
Associate Vice President, Poland & Baltics
|
17:10
|
Cocktail & networking
|