In today’s rapidly evolving digital landscape, where advancements in AI introduce both opportunities and risks, staying ahead of cyber threats is imperative for bolstering organizational resilience. This session explores the sophisticated tactics of modern threat actors, including Ransomware-as-a-Service (RaaS), deepfakes, voice cloning, and pig butchering scams. Participants will also gain insights into how AI tools like ChatGPT, alongside malicious AI-driven technologies, are reshaping the cyber threat ecosystem. The presentation will underscore the importance of proactive adaptation, cutting-edge threat intelligence, and innovative cybersecurity testing strategies to fortify an organization’s cyber resilience and safeguard its digital assets.
AI technologies are increasingly used by cybercriminals. The number of cyberattacks, the scale and degree of their sophistication and personalization are growing. Therefore, there is a need to use unconventional methods to increase the effectiveness of the protection of end devices, data and user identities. HP offers a zero-trust approach based on hardware-based functionality and multi-layered protection.
As generative AI (GenAI) reshapes the digital landscape, fraudsters are leveraging its capabilities to perpetrate highly convincing and hard-to-detect scams. From flawless phishing emails to sophisticated deepfakes, AI-powered fraud is becoming increasingly prevalent and more difficult to combat. This session will delve into how traditional scams, like the infamous “Nigerian Prince,” have been supercharged by AI, evolving into far more sophisticated and dangerous threats. We will explore the key challenges organizations face in detecting and preventing GenAI-driven fraud, and offer strategic responses to counter these emerging threats.
Attendees will learn best practices for recognizing AI-generated fraud, including improving staff training and revisiting cybersecurity protocols. Through actionable insights and a strategic playbook, participants will be equipped with the knowledge to strengthen their defenses and stay ahead in the ever-evolving fight against AI-powered fraud.
Last year was another year with a record number of incidents. Does this mean that our resistance to attacks decreases or just the opposite? In this process, it is extremely important to take care of the development of capabilities, mutual support of the entities of the National Cybersecurity System, but also to draw conclusions and adapt to the surrounding world. All this happened in the arena of battles for security in cyberspace not only in 2024, but also in previous years.
In the face of new regulations, cyber risk management is becoming increasingly difficult. After all, it has been known for a long time that the cybersecurity of a company is not only a matter of its own systems, but also of partners and suppliers. Every weak link is a potential door to a cyberattack. Don’t wait for cybercriminals to find an open door – check it out for yourself and start acting today! During the presentation, I will present a case study discussing a holistic approach to cyber risk management, taking into account the latest regulations.
Want to make sure your cloud applications are secure at every stage of their lifecycle? From the moment they are created, through ongoing maintenance, to the way they are used by end users? During the session, the Expert will show how to integrate security directly into the CI/CD process and how to effectively protect applications and the entire runtime environment. You will see how others do it on the example of a real implementation. The whole event will be crowned with the presentation of a demo of a solution that addresses all these aspects – Lacework FortiCNAPP.
More and more often we come across opinions that the AI Act will block the development of AI in Europe. Will it really be so? To answer this question, it is necessary to learn more about the basic requirements set out in this regulation. The presentation will cover the issues that arouse the most controversy in this context. Possible ways of implementing selected obligations will also be discussed.
The presentation will focus on several important elements of DORA from a practical perspective. What will help us and what will prevent us from efficiently fulfilling our reporting obligations?
NIS2 requires the implementation of risk analysis and management processes into the organization. Assuming that your organization has already met the requirements of the directive, it is worth asking yourself: what can you do next with the knowledge and data you have acquired? NIS2 is just the beginning of the road. During the lecture, you will learn how to build further, effective cyber resilience without unnecessary revolutions.
Transitioning from cyber resilience to a broader digital trust strategy
Linking cybersecurity efforts to brand value and consumer trust
Examples of successfully built, lost, and recovered digital trust
During our talk, we will present a detailed analysis of a real cyber-attack carried out by one of the APT groups in 2024.
We will talk about how the latest techniques of bypassing MFA (Multi-Factor Authentication) and EDR (Endpoint Detection and Response) mechanisms are used by cybercriminals.
If you want to expand your knowledge to strengthen your organization’s cyber resilience, this presentation is for you. We cordially invite you – we will share practical information and present recommendations that will help strengthen the protection of your company/institution against developing cyber threats.
Applications are the backbone of modern business, but managing their connectivity across hybrid environments is becoming increasingly complex. Different systems, security risks, and compliance requirements add to the challenge. Algosec offers a platform that integrates on-premises and cloud environments, ensuring seamless connectivity, robust security, and continuous compliance.
During the presentation, participants will learn about the current (as of early 2025) catalog of attacks on systems using AI. The speaker will discuss, among other things:
The presentation will include a demonstration part, in which the Speaker will illustrate selected attack techniques and methods of their detection and protection. The knowledge obtained will be particularly useful for auditors and pentesters who face challenges related to the security of AI-based solutions.
NIS2 is widely perceived as another costly and difficult to implement regulation prepared by Brussels bureaucrats. Hence, many entities covered by it expect simple, easy-to-implement solutions to demonstrate compliance with its requirements by following the path of least resistance. The situation is not improved by the lack of transposition of the directive into national law, which demobilizes and becomes an excuse not to take action to achieve compliance with the requirements of this regulation. On the other hand, the world has not stopped. Cybersecurity threats are constantly increasing. Techniques and forms of attack are being improved, their number is growing, and potential victims are “waiting for legal acts to be issued”. Is this rational behavior? You will find answers to this, as well as many other questions related to building cyber resilience, in this presentation.
Generative AI is revolutionizing the way we communicate with users through advanced chatbots and voice assistants. However, this technology carries specific security risks that are often underestimated or overlooked during implementations. During this hands-on workshop, participants will take part in an interactive security-challenge game where they will be tasked with discovering and exploiting common vulnerabilities in AI chatbots. Each level of the game presents a new challenge and a new manipulation technique that must be discovered in order to obtain the ‘secret code’ and progress. In the second part of the workshop, based on the experience gained, the most common attack vectors and effective security methods that can be used in your own projects using generative AI will be discussed. The workshop will allow participants to look at the security of AI chatbots from two perspectives – both attacker and defender, which is crucial for understanding and properly securing their own implementations.
Cyber threat intelligence is used to recognize threats, identify them, and predict the attacker’s next moves. It’s a good idea to start this journey with OpenCTI, which enables collaboration between teams and organizations, while facilitating the exchange of information about trends and threats. A well-built process allows for faster response and, consequently, higher resistance. The security officer can thus significantly speed up the process of sharing information about new actors, as well as the popular techniques and tactics of the attacks they observe.
OpenCTI allows you to analyze global and local threat trends and patterns, which helps you predict future attacks.
Quantum computers are coming. The current situation in the field of quantum computers resembles that of the first ENIAC computer built in the mid-1940s: large and slow, but at the same time inspiring for further development. Today, every smartphone owner uses thousands of times more computing power than their first computer. At the same time, as the capabilities of quantum computers develop, the possibilities of their use in cryptography, secure information transmission (quantum entanglement) and in increasing the possibilities offered by artificial intelligence will increase very quickly. The key difference between standard and quantum computers lies in the way information is processed. A standard computer can store 16 different values in a 4-bit register. Importantly, it can store only one selected value in a given unit of time. On the other hand, a quantum computer in 4 qubits can also process 16 values, but analyzes them in a state of quantum entanglement simultaneously. A linear increase in the number of qubits results in an exponential increase in problem-solving capacity. This means that a quantum computer with a power of 64 qubits, although it works millions of times slower than supercomputers per unit of time, is also billions of times faster than them. During the presentation, participants will find out whether some cryptographic algorithms are at risk.
The Digital Operational Resilience Act (DORA) introduces changes in ICT risk management in the financial sector, with particular emphasis on the role of internal audit. This lecture is not only an analysis of regulatory requirements, but above all a journey through a new reality in which internal audit is becoming a key element of building digital resilience. The following issues will be discussed:
The aim of the presentation is not only to provide knowledge, but above all to inspire action – so that participants can strengthen the operational security of their organizations and adapt to the requirements of the digital age.
The lecture will present the project assumptions and the value for SOC/CSIRT teams of proactively verifying the correctness of an EDR engine on the Linux platform. Taking into account the threat landscape of 2024, it will discuss specific, individual Linux operating system events and the expected, corresponding telemetry indicating a possible compromise of the system. The substantive part will be presented from both the offensive and the defensive side. In accordance with the “Don’t trust, verify” principle, the talk will discuss the project’s approach to studying EDR detection coverage and event correlation through controlled executions of individual attacker simulations (MITRE ATT&CK framework) and full attack chains (Kill Chain). It will also present conclusions from the active transfer of knowledge to the team, as well as the value of the developed template containing the steps and areas that need to be analyzed during incident response in a Linux environment using AV/EDR tools and other available telemetry.
Adapting to NIS2 and DORA regulations requires effective tools and robust strategies. Axence offers comprehensive support in this area, especially when it comes to provisions regarding asset inventory and employee training:
· Axence SecureTeam®: An educational platform that enables employee training in cybersecurity, in accordance with the requirements of DORA and NIS2.
· Axence nVision®:
· Inventory module: Comprehensive inventory of resources and their relationships, compliant with the requirements of both regulations.
· HelpDesk module: Incident logging and analysis to draw conclusions.
· DataGuard module: Protect data from leakage through security policies and operations auditing.
NIS2 and DORA are key regulations that set new standards for digital security. Meeting them is not only a legal obligation, but also an investment in protection against the growing number of cyberattacks. Using tools such as Axence SecureTeam® or nVision® will not only allow you to adapt to the requirements, but also effectively secure your organization for the future.
The expert would like to familiarize the conference participants with the world of anomalies in the SecOps sector. During the presentation, he will talk about the types of anomalies, with examples. He will present how events in the form of streams can be used to build a multimodal knowledge graph (MMKG) and what anomaly detection looks like using this structure. The final part of the presentation will focus on the use of graph neural networks (GNN) to detect significant deviations from the norm. Participants will expand their knowledge about anomalies in the SecOps sector and learn about the methods they can use to search for them effectively. Awareness of anomalies and the ability to find them effectively is one of the key practices for reducing operational risk and increasing the level of security in business.
Discussion of key technical and organizational aspects:
• Policies related to artificial intelligence
• Internal organization
• Resources for AI systems
• Impact assessment of AI systems
• Life cycle of the AI system
• Data for AI systems
• Information for stakeholders of the AI system
• Use of artificial intelligence systems
• Relations with third parties and customers
Top 10 KPIs for cybersecurity for CISOs
How can we measure cybersecurity today?
What can a CISO do to report to the Management Board?
How to focus on supporting the company/business goals?
Walkthrough of the 10 proposed KPIs, each with a description of its impact and benefit for the IT security department and the business side
Business and IT security cooperation
Proposal to present the results within the IT SEC DASHBOARD for IT, IT SEC, business managers, risk owners and the Board of Directors and Global CISO
Robotics is becoming a key element of the modern economy, including autonomous vehicles, drones and intelligent industrial machines. With the development of these technologies, there is a need to adapt them to multidimensional legal requirements. The Machinery Products Regulation is the basic piece of legislation governing the safety of robots, however, depending on the application, additional provisions need to be included, such as the Cyber Resilience Act (CRA) on cybersecurity, the Artificial Intelligence Regulation (AI Act) for AI-based systems, as well as sector-specific regulations, e.g. Commission Implementing Regulation (EU) 2019/947 of 24 May 2019 on rules and procedures for the operation of unmanned aerial vehicles.
Incident examples show that failure to comply with security requirements can lead to serious consequences. In 2021, the case of an autonomous vehicle that did not recognize a pedestrian on the crossing, which led to a tragic accident, was widely reported. The analysis showed that the vehicle’s AI system did not take into account specific scenarios in urban traffic, raising questions about the compliance of such systems with artificial intelligence and cybersecurity regulations.
In the aviation sector, the safety of drones remains a challenge, especially in the context of their resistance to unauthorized takeover. An example is a study published in September 2023 in which researchers carried out an attack on the DJI Mini SE drone, exploiting vulnerabilities in the Enhanced Wi-Fi protocol. They managed to take control of the device by manipulating its trajectory. Importantly, widely available Wi-Fi routers were used in the attack, which emphasizes the ease of carrying out such an operation.
The presentation analyses the key challenges arising from the multi-level regulation of robotics, highlighting the difficulties associated with the simultaneous application of machinery safety, cybersecurity and artificial intelligence regulations. It also discusses the need to harmonise regulations and put in place effective mechanisms to ensure that robotic technologies comply with legal requirements.
The aim of the presentation is to present the subject of the use of data analysis methods from IT systems (data analytics) for the purposes of conducting internal audits and to propose practical solutions for audit teams, showing how to prepare internal audit units for internal transformation and implementation of this type of methods.
1. Defining the approach to the implementation of data analysis methods:
a) determination of the organizational potential of the audited areas,
b) assessment of technical conditions for access to data in the organization,
c) analysis of internal competences and available IT tools.
2. Benefits of using data analysis methods and practical examples of their use.
Participants will learn that victims of financial fraud face the problems of post-traumatic stress, which negatively affect not only the victim of fraud, but also their immediate environment. A victim of fraud after a cyberattack feels a sense of shame and a great drop in self-confidence. The feeling that someone has taken advantage of their trust to extort money in the end makes some people face post-traumatic stress and even depression. Ultimately, this means that few people admit to their loved ones that they have been deceived, so as a society we do not know the scale of these attacks, while the victims need the support of a therapist or even medical support.
During the presentation, I will show the statistics of cyberattacks based on data from the Police, NASK and new NBP reports showing the amounts of stolen funds, which have been published only since the 2nd quarter. I will end the presentation with a summary of what we can do as experts and the entire industry to make the public aware of the full impact of cybercrime.
What is an insider threat?
Profile of behaviors, motivations, intentions, and threats posed
Different insider profiles
How to detect insider threats?
How do attackers mask their actions?
How to protect yourself from insider attacks?
In the face of increasing regulatory requirements under the NIS 2 Directive, the role of the Data Protection Officer goes beyond the traditional supervision of the GDPR. Is the DPO a key partner in the process of implementing new cybersecurity standards, or just a formal addition to the organization’s structure? During the lecture, we will discuss how to effectively use the competences of the DPO in the context of new duties and how to avoid the pitfalls of conflict of interest.
Main issues:
DPO and NIS 2 – a real role or a formal requirement?
The presentation will address the challenges faced by computer forensics. What are the prospects and what are the threats, what are the opportunities and what are the difficulties. Introduction of LLM models, new types of information carriers, clouds, and big data. Changes in the approach to data processing, changes in data storage, changes in the amount of data. How a data scientist can seize opportunities with new problems in mind.
The percentage of entities that secure equipment and media affected by a cyber-attack for the purposes of forensic analysis and law enforcement activities is still relatively small. The question arises whether this is due to unawareness of the need for such actions, lack of ability to secure media, fear of costs or perhaps adopting an approach based on the principle of “reproduce and forget”. During the lecture, the legal background will be presented regarding the obligations related to the protection of such media from the point of view of criminal liability (for the needs of law enforcement authorities), administrative liability (in terms of penalties under the GDPR and the Act on the National Criminal Code), and civil law (from the point of view of the liability of employees of the entity affected by the attack and towards entities whose data is on the media). The issue will be presented taking into account the distribution of responsibilities from the point of view of the division of roles between the top management, the DPO, the legal/compliance department, the CISO and the IT/SOC department. The presented issues will be based on regulations that take into account the changes resulting from NIS2, DORA and CER.
Participants will learn what end-to-end encryption is and learn about its basic scheme. They will learn what encrypting communication really protects, and which additional threats protocols are resistant to, using the Signal protocol as an example.
The evening integration meeting will take place at the DoubleTree by Hilton Hotel. The evening meeting will be a great opportunity for integration, free exchange of experiences and inspiration.
The cyber security industry does not work. The evidence, clearly visible, is ubiquitous and overwhelming. If you agree that our industry was founded on the fundamental objective of preventing information technology systems from breaches and data theft, then you must surely agree that it has failed. The statistics are everywhere and overwhelming. The cyber security industry is broken. It is clearly not up to the challenges presented by the ever-changing threat landscape. Why? The primary reason is that our cyber security vendor products and services do not work. Simply put, they are not fit for purpose. They do not meet the challenges presented by our adversaries. They never have. They fail to keep pace with the skills, ingenuity, and adaptability of the threat actors. They are a step behind the threats when clearly, their job is to be a step ahead. Our products and services do not work, and our vendors bear absolutely no liability or accountability for their failures. We are also realising that our “trusted” security products have fast become the threat vector of choice for our adversaries as they are replete with backdoors and security vulnerabilities that should have been addressed in their design and development.
While it’s tempting to lay the blame solely at the doorstep of vendors who don’t practice secure by design, and consistently over-promise and under-deliver, there’s another culprit responsible for the failure of our industry: you – me – all of us. We as consumers are in fact the crux of the problem. We continue to accept the unacceptable. Our industry has failed because we have failed to demand quality from it.
The goal of this presentation is to present 12 simple, effective steps that we can take to improve the efficiency and effectiveness of the products and services in our industry and enhance the return on our investment. It is a consumer “call to arms” to demand more from ourselves and identify what we must do to bring about real, meaningful change in our industry. Rest assured; this session is strictly informative; there is no commercial content or objective. The change starts with each one of us. Let’s embark on the journey together.
The need for greater cyber resilience underpins much of the cybersecurity legislation that the EU has passed in recent years. It is also recognised by most organizations as business-critical in the digital era. Yet it remains a hard bar to clear: Secure the perimeter and then cloud comes along; Get on top of shadow IT only to be faced by shadow AI; Optimise data security controls only to be undone by compromised credentials.
Building cyber resilience for the long-term requires a detailed assessment of current and emerging risks. Organizations need to stay abreast of the geopolitical situation, the threat landscape, and developing and expanding regulatory requirements. Security strategies need to be future-ready to enable the organizations to capitalize on innovation and AI without exposing themselves to greater risk.
During the speech, key aspects of crisis management in the context of cyberattacks will be discussed, with particular emphasis on the role of management boards and executives in preparing the organization for potential threats. The speech will explain why awareness at the highest levels of company management is crucial to minimize the effects of cyberattacks, what the response plan should look like, and what mistakes organizations most often make during a crisis. The topics discussed will also include case studies indicating the consequences of negligence in this area and good practices that can be implemented.
The talk will focus on threats affecting key people in organizations and how to proactively investigate their vulnerabilities to stay ahead of potential attackers and thus ensure the security of the entire organization. During the speech:
Ensuring cybersecurity is shrouded in secrecy. There are those who think that it is a cliché that is not worth dealing with. There are those who equate it with filling in colorful tables. There are those who argue that (cyber)security is unmanageable. There are also those who believe that cybersecurity can be managed, but do not know how to go about it.
During the presentation, I will show that the theoretical approach of Employees/Processes/Technologies can be directly translated into practice. Provided that we understand what we want to do in this area and why beforehand, i.e. we identify the risk. So there will be a lot of news: risks, competences, structures, processes, prevention, detection, correction, tests, incidents, improvement… There will be updates, segmentations and standardizations. Finally, there will be SOCs, SIEMs and CITs. In other words, I will try to show this issue in a comprehensive way.
I will show that it is possible to combine many “wise” slogans into one whole, i.e. – I will try to show this issue in a coherent way. It will be quite a challenge given the time regime, but I am convinced that it will be possible (although certainly not everything). The presentation will be aimed primarily at people with more experience in management – people who already know that this is a really complex challenge.
Imagine having everything you need in one place:
· Easily assess, communicate and mitigate cyber risks for all ICT assets.
· Ability to mitigate cyber risk for critical web applications and APIs, no matter where they’re located.
· Identify the biggest threats to cloud and container environments.
· Simplify threat remediation across IaaS and SaaS environments with clear threat prioritization so you can get to where it matters first!
· Continuous real-time assessment and definition of risk mitigation priorities and policies, thanks to unified and contextual management.
We invite you to participate. If you are facing challenges such as NIS2 or DORA, you will see how to identify and eliminate ICT risks in an innovative way, efficiently from a single platform.
According to the research included in the BIK Anti-Fraud Report 2024, last year more than 1/3 of Poles encountered at least one form of extortion.
We will talk about how easy it is to be manipulated by fraudsters, about social engineering and the fight against threats from the practical side, using examples with simple and accessible tools to use to avoid becoming a victim of an attack.
In a dynamic corporate environment, effective threat defense requires a well-structured approach to Detection Engineering and Threat Hunting. In this presentation, I will show you how to organize Threat Defense Engineering processes in a large organization, combining technological and operational aspects. I will discuss the path from threat identification and enemy modeling to the implementation of detection and automation of activities. I will focus on data integration, building context-based detection, and effective use of tools to automate incident responses. The whole will be illustrated with practical examples and experiences from building the Threat Defense ecosystem at PepsiCo.
Passwords have been a fundamental part of user authentication for years, but their weaknesses – vulnerability, forgetting by users, and the need to change frequently – make organizations increasingly willing to implement modern authentication methods. The integration of the Okta identity platform with the HID ActivID CMS smart card management system allows you to effectively replace passwords with more secure and convenient methods.
One of the key challenges is the automation of the user creation process and their integration with the smartcard in HID. By combining these systems, an organization can simplify the process of enrolling new employees, providing them with immediate access to the necessary resources, while minimizing the risk of errors and reducing the need for manual administration.
When implementing this solution, you may want to consider choosing between Active Directory and Okta as your primary identity management system. Active Directory is a proven and widely used solution, especially in on-premises environments, while Okta offers a modern cloud-based approach, facilitating integration with SaaS applications, VPNs, or web portals. Each of these solutions has its own advantages and limitations, so the choice should be tailored to the organization’s IT strategy and its security and access management requirements.
One of the most important aspects of integration is the process of logging into your computer using a smartcard. Smart cards allow users to authenticate quickly and securely without having to type in passwords. By combining Okta and HID ActivID CMS, you can implement a solution that not only increases the level of security, but also improves the comfort of users.
The implementation of such technologies also opens the door to various authentication methods. In addition to smartcards, organizations can use FIDO2 keys, biometric authentication, or one-time codes. This allows you to tailor the level of security to different groups of users, while maintaining a balance between security and convenience.
The key aspects to consider during the implementation are safety, user convenience and efficiency of the entire process. Overly complex mechanisms can lead to resistance among employees and generate additional burdens for the IT department. That’s why automating user lifecycle management plays a key role – from day one, through permission changes, to the end of cooperation. Okta, integrated with the HID ActivID CMS, allows for efficient granting and revoking of access, eliminating the risk of leaving active accounts of former employees.
A future without passwords becomes a reality. Organizations that decide to implement modern authentication methods will not only increase the level of security, but also increase the comfort of their users, while reducing the costs associated with identity management.
In 2025, the NIS2 directive and the national cybersecurity system [KSC] impose new obligations on organizations, in which the CISO plays a key role as a leader responsible for information security. The implementation of these regulations requires not only the adaptation of the security strategy to the requirements of ISO 27001 and ISO 22301, but also integration with internal audits that assess the effectiveness of the implemented safeguards. In the context of AI, there is the challenge of managing the risks resulting from the automation of processes and their compliance with the GDPR and other data protection regulations. Both organizational and legislative actions, such as updating policies and procedures, and operational actions, including the development of SOCs to monitor threats and respond to incidents, are necessary. The implementation of NIS2 and KSC is also a challenge for boards, which must ensure adequate funding and resources for the CISO to effectively manage cybersecurity.
This talk presents the results of the author’s many years of experience in auditing and managing global information security and privacy protection programs. It will offer practical tips and strategies for creating integrated data protection systems on an international scale. Key aspects of compliance with various legal regulations, such as GDPR (implemented differently within EU countries), UK GDPR, HIPAA, COPRA, COPPA or CCPA, including new requirements related to AI and ways of managing privacy risks, will be discussed. Participants will learn how to effectively integrate data protection principles into business processes and organizational culture.
Participants will learn what techniques and tactics are used in information and psychological activities to influence decision-making processes, how to identify such operations and mitigate undesirable effects, and how to define disinformation and selected active measures (kinetic and non-kinetic) from the perspective of a multi-domain influence operation.
15 years without access to the source code – that’s how long the owner of a large ERP, CRM, mobile and web applications system lived in the shadow of outsourcing, trusting former employees who founded an external development company. When the audit began, it turned out that the same passwords were used for all projects, no one cared about backups or network security, and even former employees had access to the code. Repository? A random server in the office, not updated for years.
The lecture will reveal the secrets of this unusual audit, in which it was not the code that was analyzed, but the procedures, people and equipment. We will show how the largest security vulnerabilities were patched “live”, during the audit, and how the code owner’s hidden agenda made it possible to regain full control over intellectual property. The result? The company has moved from the chaotic “wild west” of IT to professional management of the Microsoft platform and accountability of developers. We will tell you about the biggest mishaps and unexpected effects of actions, and draw conclusions that can save your business. Get ready for a story where the line between chaos and security was thinner than you might think.
During the workshops, Krzysztof Konieczny together with another Digital Scout trainer will present innovative cybersecurity classes as part of the #ULedukacja program. Participants will have the opportunity to immerse themselves in the virtual world thanks to VR glasses and dedicated applications, as well as discover the educational power of comics for children.
The workshops will be conducted in a light, humorous form in accordance with the idea of #naukaizabawa. Participants will receive premiere copies of the comic book “Don’t Be That Troll”, which will allow them to interact with the hosts and take everyone back to the school desk!
In the face of growing cyber threats, ensuring security in the software development process is a priority. During the presentation, the expert will focus on the latest trends, such as DevOps and artificial intelligence, and their impact on cybersecurity. The discussion of the software development process itself will draw on practical experience based on a number of standards used, among others, in military units. The speaker works in the Polish Armaments Group (PGZ), which comprises about 60 companies and in which software development is an extremely important and critical area. PGZ is a manufacturer of innovative systems and solutions used by the Polish Armed Forces and allied formations. The group’s offer includes: modern radar systems, rifles, optoelectronics, wheeled armored personnel carriers, barrel artillery, unmanned aerial systems and battlefield management systems. In other words, the software development process can now be found in virtually every product.
In many organizations, a systemic and mature approach to risk management is like the Yeti: apparently it exists, but no one has seen it. There are documents, analyses, and even risk reviews and… nothing changes. Jan Kochanowski already defined the basic principle of such an approach to risk management: “A Pole will buy himself a new proverb: that he is stupid both before and after the project.” Systemic risk management, supported by tools and encapsulated in techniques, significantly improves the course of project implementation and the security of the organization’s operation. How to implement simple and effective methods of risk analysis in practice, but above all how to build reverse risk communication, i.e. what air crash analysis has to do with risk management – these were the main themes of the speech.
At BPS Bank, over the last 6 months, we have built a Cybersecurity Center that connects 308 banks, with 15,000 employees and an infrastructure of over 20,000 protected devices. The presentation will take the form of a case study, without showing technological solutions.
Security leaders are looking for tools and answers to help them understand and identify the governance, security, compliance, legal, privacy, and resiliency requirements of generative AI. As security leaders working with major clients, we are regularly consulted on trends, best practices, and rapidly evolving GenAI and its associated security and privacy implications. This session introduces you to the GenAI security matrix designed to provide the common language and best practices needed to secure GenAI-based solutions.
In an era of rapidly changing threats and a growing number of attacks targeting critical IT infrastructure, Zero Trust is becoming the foundation of modern information security management. During the presentation, we will present a practical approach to implementing Zero Trust architecture in enterprises – from strategy design to its effective implementation. We will discuss the challenges we encountered while implementing this model with clients and present real-world case studies from the financial and industrial sectors.
The presentation aims not only to inspire, but above all to provide practical tips and tools that participants will be able to apply in their organizations.
In the current financial perspective, funding opportunities for public administration, public entities and enterprises, including SMEs, have been increased, as have the preferences given to cybersecurity in the form of technical and organizational measures for managing security threats in accordance with the NIS2 Directive. They will be discussed using examples of activities from central and regional programs, covering project implementation variants such as using the existing infrastructure, building new IT systems and expanding the existing ones. A comprehensive approach to cybersecurity will be presented, taking into account the requirements and scoring preferences specified in the project selection criteria. Increased awareness among entities applying for funding will result in the inclusion of cybersecurity expenditure in project tasks, which will lead to increased procurement and development of the market for cybersecurity supplies and services.
Building awareness of the threats of the digital world is the responsibility of each of us, as members of the cyber community. Education and knowledge about the risks and about how criminals operate are crucial, as is mindfulness in everyday life. Participants will learn how to recognize and react to unusual behaviors that may indicate that someone is currently the target of a criminal attack.