2016 Program – Security Automation World 2017
Security Automation World - Predictive Technologies & Threat Intelligence for Cybersecurity | September 25-26, 2017 – Marseille, France

2016 Program

Download the program
PROGRAM AT A GLANCE
DAY 1 – Monday Sept. 26 Afternoon
Smart Security Week Plenary Opening Innovation Live
SECURING GLOBALLY CONNECTED SOCIETY
Jointly with 
2.00pm: EXHIBITION OPENING
DAY 2 – Tuesday Sept. 27
Track 1: When Big Data Meets Meets Cybersecurity Innovation Live
Cyberthreats Modelling & Emerging Threats All-day: Exhibition & Demos
Machine Learning New Perspectives
Lunch break
 
Track 2: Managing the IoT Risk
Innovation Live
Advanced Analytics in the IoT Space
All-day: Exhibition & Demos
Gala Evening
IoT Networks Security
DAY 3 – Wednesday Sept. 28
Track 3: From Vulnerability to Risk Management Innovation Live
Implementing Proactive Security All-day: Exhibition & Demos
Meeting Compliance & Security Standards

DAY 1 - Monday September 26 Afternoon

2.00pm – 6.30pm: Opening | 3.50pm – 4.30pm: Coffee & Refreshment Break – Networking – Exhibition

PLENARY OPENING
SECURING GLOBALLY CONNECTED SOCIETY
Chaired by Jon Shamah, Principal Consultant, EJ Consultants, UK
The Opening addresses transversal topics of the 3 Smart Security Week conferences: World e-ID & Cybersecurity, Connect Security World and Security Automation World.
INTRODUCTION
Day 1
26 Sep 2016
Jon Shamah

Introduction

PART 1: IoT Security
Day 1
26 Sep 2016
Art Swift

KEYNOTE What’s Wrong with IoT Security and How Can We Fix It?

  • Recent major life-threatening vulnerabilities discovered in IoT
  • Key commonalities in attack patterns
  • Hardware-based approach designed to overcome the IoT security challenges
    identified

PART 2: Introducing Security Automation World
Day 1
26 Sep 2016

Panel: “From breach prevention to acceptance: defining a sustainable security strategy to protect data”

PART 3: Identity & Access
Day 1
26 Sep 2016
Raghu K Dev

Cognitive Access Management

Today’s dynamic nature of organizations contributes to complexity for monitoring and controlling access and identity cyber-risks. Solution: Apply continuous learning, reasoning and human interact-ability to Identity and Access management domain.

  • Apply machine learning and cognitive approach on identity and access data
  • Aim at providing risk aware identity analytics
  • Recommend peer reviewed analysis to reviewers, administrators and business executives.
Peter Went

World Citizen Card, a ‘token’ and/or ‘blockchain’?

Mr. Went will present his holistic view on ‘identity’, from the why  an identity, the impact of no identity, the right to an identity and the ‘foodchain’ of an identity. The latter is relevant in that there are layers of identity, from ‘simple’ breeder documents, to national ID documents to international (traveler) documents. Conventionally international (traveler) documents are physical documents like a passport, but ‘blockchain’ could be a consideration here.

Jon Shamah
Raghu K Dev
Peter Went
John Erik Setsaas
Jim Dray

IDENTITY ON THE BLOCKCHAIN
PLENARY PANEL

Setup and moderated by Jim Dray, Senior Computer Scientist, Information Technology Laboratory, National Institute of Standards and Technology (NIST)

Blockchains have the potential to revolutionize business on the Internet and will undoubtedly impact the identity management world. However, the nature of this impact is not yet clear. This panel will explore the intersection of blockchain technology and identity management:

  • What capabilities does blockchain technology offer that can improve identity management?
  • What are the drawbacks of blockchain technology in the identity space?
  • Who is currently experimenting with identity on the blockchain?
  • What commercial offerings are available?
  • Are there opportunities for international collaboration?

Innovation Live
All-day: Exhibition & Demos
Welcome Cocktail

DAY 2 - Tuesday September 27

9.00am - 1.00pm: Session 1 | 10.50 - 11.20am: Coffee & Refreshments Break – Networking – Exhibition

Track 1: When Big Data Meets Cybersecurity
Session Chair: Jean-Paul Thomasson, Security Expert, Strategies Telecoms & Multimedia (TBC)
This session will explore the wave of technologies for a data driven security:
the state-of-the-art advanced analytics technologies for cybersecurity through insights and expertise from Industry and Academia.

Cyberthreats Modelling & Emerging Threats
Day 1
27 Sep 2016
Veronica Valeros

KEYNOTE Threat Hunting en Masse: Challenges and Discoveries

  • The world from a malware analyst eyes: there *is* such thing as too much data
  • Cyber threat landscape: what are the current risks our organisations face?
  • Cisco Cognitive Threat Analytics: state-of-the-art machine learning for threat detection
  • Challenges of threat hunting on big data.

Machine Learning New Perspectives
How can machine learning and big data combine to provide awareness of the threats and intentions of a hostile cyber actor?
Day 1
27 Sep 2016
Ian Trump

Machine Learning: The Future of Cybersecurity

  • How machine learning and big data will make the internet a safer place
  • How machine learning and big data can provide insights and unveil the threats and intentions of cyber actors
  • How machine learning and big data can help small and medium businesses overcome security threats
  • How LOGICnow is using machine learning and big data to prevent IT security threats and create a layered fortress of security
Lauri Ilison

Data Science for Security Enhancement

  • New security enables from data driven approach
  • Interesting use cases from latest developments – data leakages discovery, Panama Papers type challenges
  • Open-source tools and algorithms
Karel Bartos

Novel ML Approaches for Detecting New and Previously Unseen Network Threats

  • Detecting malware at various levels of abstraction (sampling, anomaly detection, classification, correlation)
  • New representation and classification methods invariant against malware changes
  • Adaptive approaches for IDS collaboration

Panel Debate: Predictive Cybersecurity: For Who?

Advanced Analytics technologies for Cybersecurity such as Machine Learning are full of promises for cybersecurity enhancement: How do they perform in real life? Are they mainly intended to large organizations?

Innovation Live
All-day: Exhibition & Demos
1.00 – 2.00pm: Lunch – Networking – Exhibition | 2.00 – 6.45pm: Session 2 | 3.50 – 4.30pm: Coffee & Refreshments Break – Networking – Exhibition

Track 2: Managing the IoT Risk
IoT is more and more about analysing data than connecting devices. As billions of additional devices get connected to the Internet, it will become impossible to manually deal with the number of alerts and/or unknown assets and events. The massive move towards open standards and IP connectivity, the growing integration of IoT technologies, and the disruptiveness of targeted cyber-attacks, calls for novel, designed-in, Cyberthreat Intelligence.

Advanced Analytics in the IoT Space
Day 1
27 Sep 2016
Petros Efstathopoulos

KEYNOTE Security Analytics in IoT

Gabriel Vernot

The Internet of (Insecure) Things

  • IoT is becoming a major topic in Enterprise devices usage.
  • How EMM can help us securing them ?
  • IoT landscape,
  • Some examples of EMM protection,
  • Conclusion

Panel Debate: The machines are coming! How to overcome the siloed IoT ecosystem to put into place proactive security?

IoT Networks Security:
Advanced solutions to secure data over the Internet
Day 1
27 Sep 2016
Maurice (Mo) Cashman

KEYNOTE Hyper-Connected Future – 5G Security

  • Security challenges from a large number of connected devices
  • Security challenges from increased data transfer speeds
  • More severe consequences of security breaches due to the nature of technology enabled by 5G
David Dufour

The Architecture of a Secure IoT Gateway: A Technical Deep Dive

  • The inner workings of IoT Gateways: SSL Decryption, DPI, Policy Management
  • How Cyber Threat Intelligence can be applied to IoT Gateways
  • How technology such as Separation Kernels can be applied to Gateways
Larry LeBlanc

Building Secure Device-to-Cloud Architecture (Title TBC)

  • IoT Security challenges compared to “typical” enterprise security
  • End-2-End encryption
  • How secure device-to-cloud architecture helps Device authentication, Access control, Layered encryption, Advanced network intelligence
  • Supporting services: Credential management, Software upgrade, Threat tintelligence
Florian Pebay-Peyroula

Ephemeral: Lightweight Pseudonyms for 6LowPAN Mac Addresses

  • Privacy issues in 6LoWPAN WSN
  • SLAAC and IPv6 privacy leaks
  • Tunnel-like mode for constrained network
  • Introduction of Ephemeral: novel scheme for preserving privacy in constrained networks

Innovation Live
All-day: Exhibition & Demos
Gala Evening

DAY 3 - Wednesday September 28

9.00 – 10.50am: Session 3 | 10.50 – 11.20am: Coffee & Refreshments Break – Networking – Exhibition | 11.20am – 1.00pm: Break-out Sessions

Track 3: From Vulnerability to Risk Management
Less than 5% of organisations would have a threat intelligence platform in place, a figure which is expected to rise dramatically in the next few years. Beyond buzzwords, security and information risk managers must focus on detecting and responding to threats, as well as more traditional blocking and other measures to prevent attacks.

Implementing Proactive Security
Stepping up from SIEM and IAM tools approach to proactive and automated Internet security framework: paths to drive organisational change and implement successfully advanced solutions.
Day 1
28 Sep 2016
David Dufour

KEYNOTE

Dor Zakai

The Mobile & Secure Workspace

Attaining true business mobility and minimising risk of cyber-attacks requires legacy and cloud apps to be managed, accessed and above all secure – irrespective of device and the location. This session will talk about VMware’s approach to this challenge and how Workspace ONE is bringing together identity, device management and application delivery on a single integrated platform to support business mobility in the mobile-cloud era. Building on the principal of ‘consumer simple and enterprise secure’, the session will cover identity-defined and adaptive management technologies and unified endpoint management, among the latest approaches designed to help improve company-wide security and control of managed or unmanaged devices.

Fabrice Derepas

Reducing Cyber Risks and Lowering the Cost of Designing Safety-Critical Systems

To reduce cyber risks, do you need to change your entire software development process? Or is there an approach that can be implemented into your current software development process? During this session, we will explore the next generation of safety-critical systems. We will look at 10 key elements for a strong cyber security strategy and examine solutions to validate mission-critical software.

  • Exploring the next generation of safety-critical systems
  • 10 key elements for a strong cyber security strategy
  • Solutions to validate mission-critical software and eliminate attack vectors

Meeting Compliance & Security Standards
The risk from breaches is today a seven to eight figure risk to the enterprise. Compliance security audits are rising fast, and again are a seven figure risk to today’s business. How to be prepared to reduce the risk associated with breaches and non-compliance with security mandates?
Day 1
28 Sep 2016
Ali Pabrai

Art of Performing Risk Assessments

  • Compliance mandates & standards for risk assessment
  • Core components for a comprehensive & thorough risk assessment exercise
  • Risk assessment report to understand key sections such as a Corrective Action Plan (CAP)
  • How to integrate a technical vulnerability assessment & penetration test within the scope of a risk assessment
David Dufour

Panel Debate: Achieving greater automation in internet security: challenges and opportunities

<em data-mce-style=”color: #999999;”>Moderated by</em>&nbsp;David Dufour

Innovation Live
All-day: Exhibition & Demos
End of the conference