Securing the Architecture of the Industrial Internet of Things: from the Edge to the Cloud

Oct 20, 2021 10:45am ‐ Oct 20, 2021 12:00pm

Identification: 1778577

The advent of Industry 4.0 will require secure ICS, IoT and cloud architectures to embrace an agile methodology to meet industrial and business demands. These architectures will need to take into consideration the security of embedded components and SCADA systems sending traffic to the cloud, as well as the security of the cloud environments themselves. Data privacy can impact architecture if personally identifiable information is collected to aid in analysis in these cloud environments. Furthermore, we will look at the ISA/IEC 62443 standard and its impact on and applicability to these architectures. Concepts on network architecture design, defense-in-depth networking, component selection and hardening, as well as the importance of the security development lifecycle to IoT, edge and cloud architecture, will be presented and solutions discussed.
Learning Objectives:
  • Describe the particulars of embedded ICS components and the challenges they present when architecting security solutions and how these devices interact within an edge computing environment.
  • Understand the ISA/IEC 62443 standard's relevance in helping design and define secure architectures for the IoT and the cloud.
  • Conduct proper network segmentation, utilizing security architecture safeguarding critical functionality to ICS processes during cloud communications.

Evolving Threat Modeling for Agility and Business Value

Oct 20, 2021 10:45am ‐ Oct 20, 2021 12:00pm

Identification: 1778580

Many threat modeling approaches exist, with new techniques and tools to perform the same activity for different scenarios. However, methodologies like DevSecOps pose a huge challenge for threat modelers: incorporating the demands of different teams, including scaling and quality issues, and successfully demonstrating business value. This requires moving away from traditional practices to fit DevSecOps needs. After an extensive study, we introduce a Maturity Model for Threat Modeling, focused on how it can be integrated with the enterprise. You will see threat modeling as a central tool for security risk management, how various functions in the enterprise can be involved to address risk, and finally how organizations can be prepared to achieve the right outcome with the recommended tool categories at every maturity level.
Learning Objectives:
  • Address the challenges in traditional threat models to suit DevSecOps methodology.
  • Describe a maturity model to prepare organizations for the right levels of threats.
  • Recommend the right tool categories for every maturity level.

Confessions of a CIA Spy - The Art of Human Hacking

Oct 20, 2021 10:45am ‐ Oct 20, 2021 12:00pm

Identification: 1778552

A former CIA intelligence officer with over two decades of experience breaching the security of his targets overseas identifies the threat actors behind today's data breaches along with their motivations and objectives. He reveals human hacking methodologies that increasingly incorporate OSINT, especially social media platforms, to identify, assess and manipulate key insiders to facilitate the breach.

This presentation will demonstrate several advanced social engineering techniques going far beyond commonly known phishing attacks. It also identifies and promotes a two-pronged risk mitigation strategy incorporating organizational and personal information control along with a "verify, then trust" discipline when confronted by potential human hacking attempts.

Learning Objectives:
  • Identify five distinct categories of human hackers (threat actors) behind successful data breach attempts along with their respective motivations and objectives.
  • Describe the methodologies utilized by human hackers for the selection, assessment and manipulation of insiders to successfully accomplish the breach.
  • Mitigate human hacking threats by adopting a two-pronged strategy.

Exploring Security Controls needed to protect Medical Wearable Devices

Oct 20, 2021 10:45am ‐ Oct 20, 2021 12:00pm

Identification: 1778557

The internet of things (IoT) has been a significant advancement in technology, modernizing repetitive tasks, streamlining data collection, and providing new ways to collect, interpret and disseminate information. Numerous industries have benefited from advancements in IoT technology, including healthcare. Medical IoT (MIoT) has deployed several devices, including internet-connected sleep apnea machines, blood pressure regulators, glucose monitors and mobile echocardiogram and heart rate monitors. The advancement in MIoT has revolutionized the treatment of care. Both treatment facilities and patients perform a significant amount of care solutions from their homes, saving the patient time and money. The integration of technology to maintain potential life-sustaining functions within the patients comes with the challenge of ensuring that data integrity and patient safety are not compromised.
Learning Objectives:
  • Identify emerging threats towards medical wearable devices.
  • Identify key risk factors and threats towards medical treatment facilities and users.
  • Learn different strategies to protect users and medical treatment facilities and wearable devices.

Evolution of the EU "Cookie Law"

Oct 20, 2021 10:45am ‐ Oct 20, 2021 12:00pm

Identification: 1778560

The ePrivacy Regulation is still not there, but cookies (and other tracking mechanisms) have been under close scrutiny from European Data Protection Authorities. This session will review the actual scope and requirements of the "cookie law" implementation in various EU member states, along with the requirements changed by the GDPR. Some common pitfalls and misconceptions will be explained and pragmatic solutions presented. The session will also review how Isabel Group approached the selection and implementation of its cross-website cookie consent management solution, how the solution has helped the company, and the changes it triggered.
Learning Objectives:
  • Understand better the scope and requirements of the EU "Cookie Law."
  • Identify applicable requirements of the EU "Cookie Law."
  • Put in place measures to comply with the EU "Cookie Law."

Cracking the Cyber Liability Code

Oct 20, 2021 10:45am ‐ Oct 20, 2021 12:00pm

Identification: 1778668

Cyber insurance? Do we need it? Who better to discuss cyber insurance than with actual underwriters. Go behind the scenes to learn about the current cyber liability landscape. We know insurance forms are complex, coverages are vague, and there are often hidden exclusions. We provide you with the knowledge to understand these issues, highlight how you can efficiently work through the application process, understand what insurance companies look for, and ask the right questions to effectively negotiate your coverages and premium. Additionally, we discuss real-life scenarios that lead to denial of claims.
Learning Objectives:
  • Understand the current cyber liability market.
  • Identify common coverages and exclusions, and understand why claims may be denied.
  • Identify key factors to determine how much insurance you need, what insurers look for, and know the do's and don'ts when filling out your application.

Translating Compliance - The importance of Effectively Bridging Technology and Audit Speak

Oct 20, 2021 10:45am ‐ Oct 20, 2021 12:00pm

Identification: 1778686

Compliance means conforming to rules, such as specifications, policies, regulations, standards and laws. As information security professionals, we know that things are not black and white and that controls, however well intended, may break a system or render it unable to perform its business function. But how do we make sure that we understand the true intent behind a control in order to effectively demonstrate compliance? Where engineers are left not understanding a control's intent or unable to effectively explain mitigating controls, auditors have a hard time breaking down the components of a control to make them understandable. Each scenario can lead to false positives and erroneous findings. Let's explore how to effectively translate between technology speak and audit jargon.
Learning Objectives:
  • Define the gaps in understanding that accompany failing controls.
  • List the common pitfalls in effectively communicating a compliance need.
  • Effectively challenge vague and indistinct controls in order to build a stronger control framework.

Help Organizations Protect against Doxing Attacks

Oct 20, 2021 10:45am ‐ Oct 20, 2021 12:00pm

Identification: 1778684

Doxing is a term derived from "documents" and consists of collecting information on an organization or individual through social media websites, search engines, password-cracking methods, social engineering tools and other sources of publicly displayed information. The main purpose of doxing attacks is to threaten, embarrass, harass and humiliate the organization or individual. Various tools are used to perform doxing; tools such as Maltego visualize an organization's architecture, which helps determine weak links within the organization. This presentation discusses different ways organizations and employees can be doxed and suggests measures to protect against doxing attacks.
Learning Objectives:
  • Take measures and create awareness as to how organizations can protect themselves from doxing attacks.
  • Understand the potential impacts of doxing and its consequences.
  • Understand the different tools and methodologies used for doxing.

Inspecting TLS

Oct 20, 2021 10:45am ‐ Oct 20, 2021 11:45am

Identification: 1841312

Cryptography is commonly used to protect the secrecy and integrity of data, and it is a good thing that secure transport is now commonly used. However, the owner of the data usually does not know with certainty which of their data is transferred. The transport is guarded by cryptographic techniques, so it is impossible for the owner to inspect the data stream. The only way to inspect this process is to inspect the source code and to verify that the program in use matches the inspected code. Not all parties are willing to have their code inspected. We are presenting early findings on the possibility and feasibility of the data owner temporarily inspecting the encrypted transport for a limited time, and we will demonstrate the prototype.
Learning Objectives:
  • At the end of this session participants will understand the initial phase of TLS, in particular the "key exchange".
  • At the end of this session participants will understand how "the shared secret" can be obtained by auditing parties.
  • At the end of this session participants will understand how this mechanism only impacts a few connections (restricted in time), so the general protection of TLS is not compromised.

How to Get Results From Threat Detection and Response Solutions - Sponsored by Securonix

Oct 20, 2021 10:45am ‐ Oct 20, 2021 12:00pm

Identification: 1869485

The security market is full of solutions to support threat detection and response: EDR, NDR, SIEM, XDR, SOAR, you name it. But just deploying tools is not enough to get results. Organizations must ensure they have the appropriate coverage of threats and technologies to detect and respond to incidents and minimize impact. This session introduces the coverage concept and how it affects the performance of threat detection and response, as well as bringing some important lessons learned from real-world deployments.
Learning Objectives:
  • At the end of this session participants will be able to understand what coverage is in relation to threat detection and response practices.
  • At the end of this session participants will be able to apply the MITRE ATT&CK framework to map and expand the threat coverage of their threat detection and response practices.
  • At the end of this session participants will be able to comprehend what parts of their technology environment must be covered by their threat detection and response practices.