image
Logo

March 13 - 14, 2019

Bogotá, Colombia

3rd International Cybersecurity Conference

Our Sponsors and Partners

Agenda

March 13, 2019

  • 7:00am - Registration Opens

    Doors open to claim your badge

  • 8:30am - 9:00am - Opening Ceremonies

    Welcome to Tactical Edge

  • 9:00am - 10:00am - Keynote: Chad Loder - Founder & CEO Habitu8 / Founder Rapid7
    Pic

    Title: Rise of the Humans

    I will discuss the evolution of the security industry over the past 25 years. How people, and psychology, and compassion must dominate the next 25 years

  • 10:00am - 11:00am - Keynote: Wilmar Castellanos - Partner Cyber Risk Services / Deloitte
    Pic

    Title: Technological tendencies in digital transformation and its implications to cyber risk.

    This presentation is based on the latest Tech Trends study by Deloitte from the point of view of Cyber Risk.

  • 11:00am - 11:30am - Break

    Please enjoy a nice cup of Colombian coffee, meet our sponsors, learn about their fantastic products and services. Don't miss it.

  • 11:30am - 12:30pm - Kelly Villa - Director of Security projects and development of IoT platforms
    Pic

    Title: Secured IoT Products, is it possible?

    We purchase intelligent devices that automate our everyday activities, but what are we giving up in exchange for our lives being made easier? What do we know about them? It is true that some of them are always listening but, do we know what do manufactures do with all that data? Have you asked your self "how much they know about us?"

    In this presentation I will show a line chart starting with the smallest vulnerability all the way to the limits of what a hacker can do with an IoT device. I will demonstrate that IoT device do not need to be sophisticated in order to be hacked. IoT solution providers, those that make the hardware to those that create the code to those that install them, can mitigate these vulnerabilities, but a lot of them simply don't know how to.

    The presentation ends with real world recommendations based on results of my research. I will show how manufactures, developers, companies, and end users, can make better decisions when designing and using IoT products in order to reduce exposure.

  • 12:30pm - 1:30pm - Lunch Break

    Enjoy your lunch. Recharge batteries for the afternoon sessions. Please return by 1:30pm in order to start on time.

  • 1:45pm - 2:45pm - Judy Towers - Head of Cyber Intelligence
    Pic

    Title: Subversion And Espionage Directed Against You

    Industrial espionage is the practice of secretly gathering information about competing corporation or business interest, with the objective of placing one's own organization at a strategic or financial advantage. A common practice to achieve this advantage is to elicit information from unwitting individuals through what today is called social engineering (SE). We all hear the term SE so often that we become desensitized to it, thereby INCREASING the effectiveness of it against ourselves and organizations. Thus, will call it what it is - Human Intelligence, also known as HUMINT.

    Presenting personal experiences as an Army counterintelligence agent with examples of military and industrial espionage, will examine tradecraft employed against individuals every day. We will apply lessons learned from the US military and the intelligence community by using two acronyms taught to Army counterintelligence agents: SAEDA (Subversion and Espionage Directed against the Army) and MICE (Money, Ideology, Coercion, Ego). By presenting different aspects of HUMINT collection efforts will enable individuals to possibly detect, deflect, and protect oneself from such actions.

  • 2:45pm - 3:45pm - David Mortman - SVP, Cloud Security Architect for Bank of America
    Pic

    Title: There is no cloud, there's just someone else's regulator

    Financial Institutions are one of the last industry verticals to embrace cloud, especially in Infrastructure-as-a-Service. This is for a variety of reasons. Most prominently there are significant challenges due to mass of regulations and compliance regimes banks face. I'll talk about what those issues are and how banks are addressing them.

  • 3:45pm - 4:15pm - Break

    Please enjoy a nice cup of Colombian coffee, meet our sponsors, learn about their fantastic products and services. Don't miss it.

  • 4:15pm - 5:15pm - Adrian Sanabria - VP of Strategy and Product Marketing for NopSec
    Pic

    Title: Securing Systems: Still Crazy After All These Years

    It's 2019 and we're still not sure if we have an accurate list of assets. We certainly can't guarantee they're all secure. The last penetration test was a bloodbath. Every day, we wonder if the breach will come.

    The cycle of stress and worry CAN be broken, but each stage of securing systems has challenges. We'll analyze these challenges and provide strategies to address them. From asset discovery to hardening to vulnerability management - this talk will show how to build lasting confidence in the security we provide to our organizations.

  • 5:15pm - 6:15pm - Chris Eng - Vice President of Research at Veracode
    Pic

    Title: Why Does Application Security Take So Long?

    Why does it take so long to fix insecure code? We pair new data about the lifecycle of a vulnerability with learnings from appsec programs to answer this perennial question. Our data comprises 700,000 individual assessments and a population of over 22 million unique security findings, easily the largest application security data set of its size. We'll provide advice on shortening time to resolution in your organization, and we'll do a deep dive into how financial institutions stack up against other verticals.


March 14, 2019

  • 7:00am - Registration Opens

    Doors open to claim your badge

  • 8:30am - 9:00am - Opening Ceremonies

    Welcome to Tactical Edge

  • 9:00am - 10:00pm - Keynote - Darktrace

    Title: Automated Response based on AI: Are humans ready for this?

    Ransomware atacks such as WannaCry move way too fast for humans to keep up, and there are more advanced ransomware attacks on the way. Cyberseurity is quickly becoming an arms race of sorts: Machines that battle machines in the field of corporate networks. Algorithms against algorithms. Cybersecurity defenses based on AI can detect threats as they appear, but they can also detect threats in teal time. It seems the industry is heading towards a fully automated approach. The question is, are humans ready to accept actions and decisions made by these machines? In this session we will discuss: - AI algorithms to detect and respond to threats - How humans either adopt or resist automated defenses. - Concepts of "Human Confirmation" and "Active Defense". - Review some success cases in smart cities, ICS, and others.

  • 10:00am - 11:30am - Businness roundtable and Networking

    Join us for a series of conversations with our sponsors and for networking with other professionals.

  • 11:30am - 12:30pm - Alex Aronovich - Director de Ventas y Business Development - Cybint Solutions
    Pic

    Title: The human factor in Cyber – the missing link in your organization's resilience plan

    In my session, I will discuss how the existing lack of talent in the cyber field worldwide is hurting organization's security. By hiring unexperienced and inadequate employees who lack proper practical training in cyber intelligence and cybersecurity, companies lack with the tools and knowledge to deal with the threats facing them from attackers. I will dive deep into how accelerated learning processes, as used by the world famous IDF Unit 8200 can make the best of your workforce's time in order to keep your organizations safe and the workforce aware, literate and ready to deal with attacks. With an overflow of technology coming to organizations investing millions in cyber security, the human factor has become the main weakness left to solve. How can training and workforce development aid organizations in mitigating risks and improve security? Maybe Israel's cyber elite units have the answer.

  • 12:30pm - 1:30pm - Lunch Break

    Enjoy your lunch. Recharge batteries for the afternoon sessions. Please return by 1:30pm in order to start on time.

  • 1:45pm - 2:45pm - Tazz - Expert in Cyber Intelligence
    Pic

    Title: Acquisitions, Mergers, and Partnerships: Performing Extensive Due Diligence using Open Source Intelligence (OSINT)

    Come learn how to look beyond the ledgers and analyze FREE publicly available information to learn what questions you should be asking before you partner with, buy, or merge with another organization.

  • 2:45pm - 3:45pm - David Pereira - CEO Secpro - Security Professionals
    Pic

    Title: Human Hacking: The Art of Deception

    In the real world, the most effective way for a malicious hacker is to attack the user; In this presentation we will explore different ways the attackers uses to achieve that goal and we will show many different ways to defend ourselves against them, showing that people are the first line of defense in Cybersecurity.

  • 3:45pm - 4:15pm - Break

    Please enjoy a nice cup of Colombian coffee, meet our sponsors, learn about their fantastic products and services. Don't miss it.

  • 4:15pm - 5:15pm - Cheryl Biswas - Strategic Threat Intel Analyst with TD Bank
    Pic

    Title: Botnets and Miners: The Weaponization of Monetization

    Over the past year we have seen an evolution in botnets, from instruments of mass disruption to exploit-enhanced armies used for mining and control. Attackers have realized the wealth of resources in enterprise environments, locating cryptominers where they can profit most. But once inside those enterprise networks there are other opportunities to be mined for by both criminals and nationstate attackers.

    As we move past outages to destructive payloads what should we expect when weaponization meets automation? This talk will present the evolution of botnets and miners from annoyance to adversary, and we need to reassess our attack surfaces for this growing threat.

  • 11:00am - 11:30am - Break

    Please enjoy a nice cup of Colombian coffee, meet our sponsors, learn about their fantastic products and services. Don't miss it.

  • 5:15pm - 6:15pm - Dave Lewis - Global Advisory CISO at DuoSec (now Cisco)
    Pic

    Title: Zero Trust & The Flaming Sword of Justice

    Security breaches pervade the headlines. What was seen as a rare instance just 5 years ago now seems to occupy the daily news cycle. A lot of these data breaches are made possible due to missteps and misconfigurations. There are many security issues that are introduced into website authentication mechanisms that further compound the security issues in addition to enforcing bad behavior by the end users. Security debt is a real problem for the vast majority of organizations in the world today and the attackers will utilize this to their advantage. In addition to keeping system hygiene at front of mind defenders need to focus on proper network zone segmentation or, as it more popular term these days, zero trust networks. The old conceptual style of a castle wall and moat to defend a network was deprecated several years ago. As a result of the dissolution of the traditional perimeter a stronger focus has to be placed on the strength of authentication, authorization and trust models for the users.

    The antiquated notion of an information security practitioner running through the office brandishing their flaming sword of justice above their heads screaming "thou shall not pass" has at long last reached it's denouement. Whether you are responsible for the security in a financial organization or one that makes teddy bears it is necessary to adapt and learn to trust but, verify.

Background

Would you like to attend Tactical Edge 2019?

There is no cost to attend Tactical Edge 2019. However, you must register to secure a spot.

Follow Us