Using Threat Intelligence to test your security posture
Join Outpost24 and CM.com to understand how cyber threat intelligence can help improve your security efficiency. Hackers and ransomware groups are using increasingly complex techniques to disrupt business operations, steal data and commit fraudulent activities. In order to mitigate these threats, organizations need to take a proactive stance. One of the biggest enablers is Cyber Threat Intelligence (CTI). CTI empowers organizations to make faster and smarter cybersecurity decisions by understanding the TTPs and threat actors’ activities, helping security teams improve SOC efficiency and prevent potential data breaches.
Agenda and Speaking Panel
12.00 – 12.30 Registration + Lunch
12.30 – 12.45 Introduction
12.45 – 13.15 Cybersecurity trends from the dark web
Malware designed to steal victim information, including user credentials and password has become big business in the cybercriminal underground. Learn about the evolving business model of malware-as-a-service groups - how they are stealing and selling stolen credentials in an industrial scale, and enables threat actors from all levels to get into the hacking game with their subscription services, tutorials and easy to use portals.
Speaker: Victor Acin, Outpost24
13.15 – 13.45 Use case for threat intelligence-led security
Threat intelligence is not new but many organizations struggle to leveraging it effectively. Francisco will walk you through how best to use threat intelligence for defensive and offensive security, and common pitfalls you should avoid.
Speaker: Francisco Dominguez, Hunt & Hackett
13.45 – 14.15 Tales from the trenches: advanced Red teaming / Tiber program
The best threat intelligence solution for your organization will vary depending on business. Rogier will explore the different type of threat intelligence and demonstrate how it is useful at a variety of maturity levels when it comes to security testing and risk reduction.
Speaker: Rogier Besemer, DNB
14.15 – 14.30 Break
14.30 – 15.15 Cyber resilience = cyber hygiene + threat intelligence
There's no silver bullet in the world of cybersecurity. As the CISO at CM.com, Sandor shares his journey to building cyber resilience with a practical 10 point guide for tightening cyber hygiene with the use of threat intelligence
Speaker: Sándor Incze, CM.com
15.15 – 15.45 Group discussions
15.45 – 16.15 Experience sharing and summary
16.15 Drinks and networking
Rogier Besemer, DNB
Head of Cyber
Rogier Besemer is head of the Cyber Policy, Intelligence and TIBER department at De Nederlandsche Bank in the Payments and Market Infrastructure division. He was one of the founders of the now European TIBER initiative (Threat Intelligence Based Ethical Red-teaming). The aim of TIBER-NL is to strengthen the cyber resilience of the most important financial institutions against advanced attackers. He previously worked as a Cyber Resilience Expert at “De Volksbank” and as a Cyber Advisor at the Ministry of Security and Justice.
Francisco Dominguez, Hunt & Hackett
Research & Innovation Lead
Bouncing between technical deep dives and board room chatter Francisco Dominguez has been involved with security (nowadays Cybersecurity) for the last 20 years and has kept track of some of it on his personal blog. Hacking and breaking different environments by combining technical knowledge and understanding of the surrounding process has always been his main passion. For example, he was involved in the investigation of the software and processes used to support the Dutch national elections. Unfortunately, those pesky commercial NDAs don’t allow the naming of other fun jobs that involved social engineering people, jumping airgaps, fences or listening to hard disks to know if they are encrypted. Most of his offensive career he worked at Fox-IT and Securify, nowadays he is viewing security from the defense side while working at Hunt & Hackett.
Sándor Incze, CM.com
Sándor is CISO at CM.com, but in the late 1990s he worked for many years as a consultant throughout the Netherlands at various corporate companies. He is known for being able to break down complex matters into smaller explainable pieces. “Simplify, automate and don't use too much expensive talk”, is what he calls it. Helping people solve problems is in Sándor's genes. In 2004, for example, he followed training at the Police Academy in Apeldoorn, after which he went to work as a Police Officer in Rotterdam. During that time he also introduced various technological gadgets to the police. When he found out that CM.com's motto is: 'do what you like', and that this is exactly what Sándor likes to do, the switch to CM.com, now about 11 years ago, was easy to make.
Victor Acin, Outpost24
Head of Threat Intelligence Research
Victor Acin has been working in Threat Intelligence since 2016, and is now leading the Kraken Labs unit at Outpost24, performing tasks related to the generation of Threat Intelligence (mainly reverse engineering of malicious samples and research of global actors), and the development of the department's internal products, such as the malware analysis sandbox. In addition, he has also worked as an ethical hacker, performing penetration tests against web applications, external and internal infrastructure, and mobile devices.
Patrick van Velthoven, Outpost24
Patrick van Velthoven works at Outpost24 and has 20 years of experience, at national and international level, with cybersecurity and the fraud. Patrick was, for example, involved in the creation of the first Dutch Cyber Threat Intelligence platform (CMIS) for the sharing of data between Dutch banks. He also advised various institutions on the subject of Open Banking and PSD2, which involved finding answers to compliancy and technical issues relating to fraud and identity controls.